Lucene search

K
cvelistHackeroneCVELIST:CVE-2017-16119
HistoryApr 26, 2018 - 12:00 a.m.

CVE-2017-16119

2018-04-2600:00:00
CWE-400
hackerone
www.cve.org

0.001 Low

EPSS

Percentile

44.7%

Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is passed specially crafted input to parse. This causes the event loop to be blocked causing a denial of service condition.

CNA Affected

[
  {
    "product": "fresh node module",
    "vendor": "HackerOne",
    "versions": [
      {
        "status": "affected",
        "version": "< 0.5.2"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

44.7%