Iโd like to report Node.js vulnerability (CVE-2024-22019) that was recently fixed:
This is a major issue because it allows unbounded resource (CPU, network bandwidth) consumption of the standard Node.js http server. The standard methods which could help blocking a malicious requests like timeouts and limiting request body size do not seem to work.