3 matches found
3rr (>=0.0.1 <=0.0.2), @apechimp/cool-led (=1.0.0) +321 more potentially affected by CVE-2015-9242 via ecstatic (>=0.1.6 <=1.3.1)
ecstatic NPM version =0.1.6, =0.0.1, =0.2.3, =0.2.1, =0.1.1, =1.0.0, =1.6.9, =0.0.6, =3.0.0-0, =0.0.0, =0.0.1, =0.0.4 and more Source cves: CVE-2015-9242 Source advisory: OSV:GHSA-VWJC-Q9PX-R9VQ...
CVE-2015-9242
Certain input strings when passed to new Date or Date.parse in ecstatic node module before 1.4.0 will cause v8 to raise an exception. This leads to a crash and denial of service in ecstatic when this input is passed into the server via the If-Modified-Since header...
CVE-2015-9242
CVE-2015-9242 concerns the ecstatic Node.js module. The vulnerability affects versions before 1.4.0 and is triggered when certain input strings are passed via the Last-Modified or If-Modified-Since headers, causing v8 to crash and enabling a denial-of-service condition on the server. The issue st...