Описание
Denial of Service in grpc-ts-health-check
Versions of grpc-ts-health-check prior to 2.0.0 are vulnerable to Denial of Service. The package exposes an API endpoint that may allow attackers to set the service's health status to failing. This can lead to Denial of Service as Kubernetes blocks traffic to services with a failing status.
Recommendation
Upgrade to version 2.0.0 or later.
Пакеты
Наименование
grpc-ts-health-check
npm
Затронутые версииВерсия исправления
< 2.0.0
2.0.0