GMS-2017-333: Denial of Service

December 13, 2017

A payload of kB causes a lag of 1 second, a payload of kB causes a lag of 3 seconds, a payload of kB caused the server to crash.

References

github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01
www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/

Code Behaviors & Features

Detect and mitigate GMS-2017-333 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →