Advisories for Npm/Http-Live-Simulator package

Versions of http-live-simulator prior to 1.0.8 are vulnerable to Denial of Service. The package fails to catch an exception that causes the Node process to crash, effectively shutting down the server. This allows an attacker to send an HTTP request that crashes the server. Recommendation Upgrade to version 1.0.8 or later.

Path traversal vulnerability in http-live-simulator npm package allows arbitrary path to be accessed on the file system by a remote attacker.

Path traversal vulnerability in http-live-simulator causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL.