Insufficient Error Handling

2017-04-11T23:25:24
ID NODEJS:323
Type nodejs
Reporter TJ Holowaychuk
Modified 2017-04-11T23:25:24

Description

Overview

Affected versions of http-proxy are vulnerable to a denial of service attack, wherein an attacker can force an error which will cause the server to crash.

Remediation

Update to version 0.7.0 or later.

References

PR #101