CVE-2011-5037

CVSS v2.0 5 (Medium)

EPSS 0.46 % (76^th)

Affected Products 1

Advisories 1

Google V8 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, as demonstrated by attacks against Node.js.

Weaknesses

CWE-20: Improper Input Validation

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2011-12-30 01:55:01
(12 years ago)
Updated Date: 2012-11-06 05:05:01
(12 years ago)

Affected Products

Google

Configuration #1

		CPE23	From	Up To
	Google V8	cpe:2.3:a:google:v8