Description
A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception.
Remediation
References
https://research.jfrog.com/vulnerabilities/undefined-variable-usage-in-proxy-leads-to-remote-denial-of-service-xray-520917
Related Vulnerabilities
CVE-2020-10991 Vulnerability in maven package org.mule.modules:mule-module-apikit
CVE-2023-38507 Vulnerability in npm package @strapi/plugin-users-permissions
CVE-2020-36179 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2019-1010266 Vulnerability in maven package org.webjars.npm:lodash