Node.js get a patch for the vulnerability

The developers of the Node.js-platform, which for web servers is used, as a precaution, an update is released. A security vulnerability in the platform may result in private lwa user data to drain.

Because the length of a certain string not properly controlled, it is possible in theory to access http-headers in order to spoof, to private information of other users to get hold of. There is still no proof of concept, but as a precaution, the hole is plugged, and there is a security update released.

The problem is in the http-parser node.js, which can be manipulated that information from other http-sockets is shown. There would be more private to sit. Node.js is a platform that is primarily used with web servers; the platform makes it possible to use javascript on the server-side applications to build. Node.js is based on the javascript engine of Google Chrome.