Denial of Servicenes
Affected versions of
nes are vulnerable to denial of service when given an invalid
cookie header, and websocket authentication is set to
cookie. Submitting an invalid cookie on the websocket upgrade request will cause the node process to throw and exit.
Update to version 6.4.1 or later.
publishedAdvisory publishedApr 14th, 2017
reportedInitial report by iipokypatopMar 21st, 2017