Описание
Denial of Service in yar
Versions of yar prior to 2.2.0 are affected by a denial of service vulnerability related to an invalid encrypted session cookie value.
When an invalid encryped session cookie value is provided, the process will crash.
Recommendation
Update to version 2.2.0 or later.
Пакеты
Наименование
yar
npm
Затронутые версииВерсия исправления
< 2.2.0
2.2.0
