Skip to content
This repository has been archived by the owner on Jan 2, 2025. It is now read-only.

Crash in HeaderParser in dicer #568

Open
skhrapko-amplify opened this issue Jul 11, 2022 · 1 comment
Open

Crash in HeaderParser in dicer #568

skhrapko-amplify opened this issue Jul 11, 2022 · 1 comment

Comments

@skhrapko-amplify
Copy link

This affects all versions of package dicer. A malicious attacker can send a modified form to server, and crash the nodejs service. A complete denial of service can be achived by sending the malicious form in a loop.

[(https://github.com/advisories/GHSA-wm7h-9275-46v2)]
@ar90n
Copy link
Owner

ar90n commented Jul 11, 2022
edited
Loading

@skhrapko-amplify
Thanks for your comment. This issue is argued by the following issue. Please see it.

#566

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ar90n @skhrapko-amplify