2 matches found
3nit-components (>=0.0.2 <=0.0.4), 3nit-utils (>=0.3.0 <=0.23.0) +1583 more potentially affected by unknown CVE via ammo (>=1.0.1 <=3.0.3)
ammo NPM version =1.0.1, =0.0.2, =0.3.0, =1.0.0, =1.16.0, =1.16.0, =1.16.0, =1.0.0, =0.0.1, =0.1.0, =0.9.0, =1.0.7, =0.0.1, =1.0.8, =11.1.27-alpha.4606607431 and more Source cves: unknown CVE Source advisory: OSV:GHSA-MG85-8MV5-FFJR...
GHSA-MG85-8MV5-FFJR Denial of Service in ammo
All versions of ammo are vulnerable to Denial of Service. The Range HTTP header parser has a vulnerability which will cause the function to throw a system error if the header is set to an invalid value. Because hapi is not expecting the function to ever throw, the error is thrown all the way up t...