Node.js: Unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion

A vulnerability was discovered in the Fetch API of Node.js that allowed an unbounded number of links in the decompression chain for HTTP responses. This could lead to resource exhaustion, as the default maxHeaderSize allowed a malicious server to insert thousands of compression steps, resulting i...