Описание
Denial of Service in http-live-simulator
Versions of http-live-simulator prior to 1.0.8 are vulnerable to Denial of Service. The package fails to catch an exception that causes the Node process to crash, effectively shutting down the server. This allows an attacker to send an HTTP request that crashes the server.
Recommendation
Upgrade to version 1.0.8 or later.
Пакеты
Наименование
http-live-simulator
npm
Затронутые версииВерсия исправления
< 1.0.8
1.0.8