Name of the Vulnerable Software and Affected Versions: node-static versions all

Description: The issue allows attackers to crash the server by accessing a specific URL, http://host/%00, due to the package's failure to catch an exception when user input includes null bytes.

Recommendations: For all versions, consider disabling the handling of user input that includes null bytes as a temporary workaround until a patch is available. Restrict access to the server to minimize the risk of exploitation.