Lucene search
GoogleOSV:CVE-2017-16098HistoryJun 07, 2018 - 2:29 a.m.
CVE-2017-16098
2018-06-0702:29:02
Google
osv.dev
2
0.001 Low
EPSS
Percentile
48.1%
charset 1.0.0 and below are vulnerable to regular expression denial of service. Input of around 50k characters is required for a slow down of around 2 seconds. Unless node was compiled using the -DHTTP_MAX_HEADER_SIZE= option the default header max length is 80kb, so the impact of the ReDoS is relatively low.
Related
nodejs
nodejs
Regular Expression Denial of Service
2017-09-08 17:43:33
cvelist
cvelist
CVE-2017-16098
2018-04-26 00:00:00
osv
osv
Regular Expression Denial of Service in charset
2018-08-09 20:55:46
github
github
Regular Expression Denial of Service in charset
2018-08-09 20:55:46
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2018-06-07 15:34:40
cve
cve
CVE-2017-16098
2018-06-07 02:29:02
prion
prion
Default credentials
2018-06-07 02:29:00
nvd
nvd
CVE-2017-16098
2018-06-07 02:29:02