Denial of Service (DoS)
Affecting nes package, versions <6.4.1
Affected versions of this package are vulnerable to Denial of Service (DoS) attacks. An attacker may craft an invalid cookie header, causing the node server to crash.
Note: This issue occurs only when websocket authentication is set to
nes to version 6.4.1 or higher.
Do your applications use this vulnerable package?
- Snyk ID
- 27 Jan, 2017
- 16 Apr, 2017