Home > Vulnerability Database > WS-2019-0288

Mend.io Vulnerability Database

WS-2019-0288

Good to know:

Date: September 6, 2019

Http-live-simulator before 1.0.8 is vulnerable to Denial of Service (DOS). The package fails to catch an exception that causes the Node process to crash, effectively shutting down the server. This allows an attacker to send an HTTP request that crashes the server.

Language: JS

Severity Score

5.3

Related Resources (3)

Url: https://github.com/prahladyeri/http-live-simulator/issues/3

Url: https://github.com/prahladyeri/http-live-simulator/commit/f9f13b5bfc4f95eeeb33c850f58425e65a71aa5a

Url: https://www.mend.io/vulnerability-database/WS-2019-0288

Severity Score

5.3

Weakness Type (CWE)

Uncontrolled Resource Consumption ('Resource Exhaustion')

CWE-400

Top Fix

Upgrade Version

Upgrade to version 1.0.8

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

WS-2019-0288

Good to know:

Date: September 6, 2019

Language: JS

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?