Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Nes is a websocket extension library for hapi. Hapi is a webserver framework. Versions below and including 6.4.0 have a denial of service vulnerability via an invalid Cookie header. This is only present when websocket authentication is set to `cookie`. Submitting an invalid cookie on the websocket upgrade request will cause the node process to error out.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Nes 安全漏洞
Vulnerability Description
Nes是一款用于hapi路由的WebSocket适配器插件。 Nes 6.4.0及之前版本中存在安全漏洞。当websocket身份验证被设置为‘cookie’时,攻击者可通过提交无效的cookie利用该漏洞关闭节点进程。
CVSS Information
N/A
Vulnerability Type
N/A