Node.js Update Fixes a Serious Remote Denial-of-Service Flaw

The Node.js maintainers have fixed a security issue in zlib compression that could be exploited by attackers to remotely crash the runtime. The vulnerability is tracked as CVE-2017-14919 and is caused by a change in the zlib v1.2.9 library that changed the behavior of the windowBits parameter.

Read full news article on The New Stack