CVE-2017-18077

2018-01-27T12:29:00
ID CVE-2017-18077
Type cve
Reporter cve@mitre.org
Modified 2018-02-15T18:14:00

Description

index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument containing many comma characters.