---
title: IMPORTANT! Update Node.JS to 18.19.1, 20.11.1, 21.6.2 or newer!
tags:
  - cybersecurity
  - node.js
category: Notices
thumbnail: /images/covers/IMPORTANT-Update-Node-JS-to-18-19-1-20-11-1-21-6-2-or-newer.png
date: 2024-03-13 03:18:40
---

**IMPORTANT! Update Node.JS to 18.19.1, 20.11.1, 21.6.2 or newer!**

Older versions of Node.JS had a [CVE-2024-22019 vulnerability](https://nodejs.org/en/blog/vulnerability/february-2024-security-releases#reading-unprocessed-http-request-with-unbounded-chunk-extension-allows-dos-attacks-cve-2024-22019---high), which involves sending specially constructed HTTP request with chunked encoding, which leads to resource exhaustion and denial of service (DoS).

The original vulnerability description:

_A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits._

Future SVR.JS versions will warn you about this vulnerability in server logs, if you're running affected versions of Node.JS.