Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Node.js Web Application does not handle unhandledRejection - Vulnerability Database

Node.js Web Application does not handle unhandledRejection

Description

The unhandledRejection event is emitted whenever a Promise is rejected and no error handler is attached to the promise within a turn of the event loop. By default, Node.js handles such exceptions by printing the stack trace to stderr and exiting with code 1. It's recommended to implement a handler function for this unhandled event.

Remediation

Your web application should implement a handler function for the <strong>unhandledRejection</strong> event.

References

unhandledRejection event

Related Vulnerabilities

Node.js Web Application does not handle uncaughtException Medium
Common tags: Configuration Denial Of Service Error Handling
Error page path disclosure Low
Common tags: Configuration Error Handling
Elmah.axd / Errorlog.axd Detected High
Common tags: Configuration Error Handling
Web Cache Poisoning DoS Medium
Common tags: Configuration Denial Of Service
Web Cache Poisoning DoS (for javascript) Medium
Common tags: Configuration Denial Of Service

Severity

Medium

Classification

CWE-248
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Tags

Configuration
Denial Of Service
Error Handling