Insufficient Error Handling

2017-04-11T23:25:24
ID NODEJS:323
Type nodejs
Reporter TJ Holowaychuk
Modified 2018-05-08T14:27:01

Description

Overview

Affected versions of http-proxy are vulnerable to a denial of service attack, wherein an attacker can force an error which will cause the server to crash.

Recommendation

Update to version 0.7.0 or later.

References

PR #101