Affected versions of nes
are vulnerable to denial of service when given an invalid cookie
header, and websocket authentication is set to cookie
. Submitting an invalid cookie on the websocket upgrade request will cause the node process to throw and exit.
Update to version 6.4.1 or later.