CVE-2017-16129
CVE-2017-16129 affects the HTTP client module superagent . It is vulnerable to ZIP-bomb attacks: a small ZIP can expand massively after decompression, causing unbounded CPU/memory usage and potential DoS. Exploitation requires the attacker to control the URL being requested. Some connected adviso...