Back
Low · CVSS 2.5Other

Unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion

hackerone-reports
hackerone-reports
March 5, 2026
1
€0

Vulnerability Summary

HackerOne disclosed report --> https://hackerone.com/reports/3456148 by undefined

Summary:

Unbounded number of links in the decompression chain for HTTP responses in Node.js Fetch API

Identification Required

You must be logged in to read this writeup. Join our community of researchers today.

Sign InRegister

Discussion

No comments yet. Be the first to share your thoughts.

Log in to join the discussion.

Sign In