Node.js Web Application does not handle unhandledRejection

Severity: Medium

Invicti detected that the applicaton does not handle unhandled rejection.

The unhandledRejection event is emitted whenever a Promise is rejected and no error handler is attached to the promise within a turn of the event loop. By default, Node.js handles such exceptions by printing the stack trace to stderr and exiting with code 1. It's recommended to implement a handler function for this unhandled event.


An attacker can force the web application to terminate by generating an exception.

Actions To Take#

Your web application should implement a handler function for the unhandledRejection event.

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works