Name of the Vulnerable Software and Affected Versions subtext versions prior to 6.1.2

Description The issue allows attackers to send requests with arbitrary payload sizes, potentially exhausting system resources and leading to Denial of Service. This is due to the package's failure to enforce the maxBytes configuration for payloads with chunked encoding that are written to the file system.

Recommendations For versions prior to 6.1.2, update to version 6.1.2 or later, available in the @hapi/subtext package, as the original subtext package is not actively maintained.