Lucene search
HackeroneCVELIST:CVE-2017-16119HistoryApr 26, 2018 - 12:00 a.m.
CVE-2017-16119
2018-04-2600:00:00
CWE-400
hackerone
www.cve.org
0.001 Low
EPSS
Percentile
44.7%
Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is passed specially crafted input to parse. This causes the event loop to be blocked causing a denial of service condition.
CNA Affected
[
{
"product": "fresh node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "< 0.5.2"
}
]
}
]References
Related
ubuntucve
ubuntucve
CVE-2017-16119
2018-06-07 00:00:00
nodejs
nodejs
Regular Expression Denial of Service
2017-09-08 20:23:54
nvd
nvd
CVE-2017-16119
2018-06-07 02:29:02
cve
cve
CVE-2017-16119
2018-06-07 02:29:02
osv
osv
Regular Expression Denial of Service in fresh
2018-07-24 20:16:57
github
github
Regular Expression Denial of Service in fresh
2018-07-24 20:16:57
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2017-09-27 03:18:15
prion
prion
Race condition
2018-06-07 02:29:00
redhatcve
redhatcve
CVE-2017-16119
2018-06-07 20:49:15
debiancve
debiancve
CVE-2017-16119
2018-06-07 02:29:02
ibm
ibm
Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities
2020-06-01 18:24:53
Security Bulletin: OSS security Scan issues for Concerto installer.
2020-12-08 06:37:17
Security Bulletin: Open Source Security issues for NPS console.
2020-12-15 07:03:03