DNS Rebinding
Overview Affected versions of this package are vulnerable to DNS Rebinding in dns.lookup lib/dns.js and lookupAndConnect lib/net.js, which forward a hostname containing an embedded NUL byte to the native resolver bindings where the C string is truncated at the first NUL. An attacker can cause an...