A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS).
The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes.
[
add
]
[
|
|
...
]