2 matches found
3rr (>=0.0.1 <=0.0.2), @apatheticwes/trigger (>=0.1.0 <=0.2.0) +551 more potentially affected by CVE-2016-10703 via ecstatic (>=0.1.6 <=1.4.1)
ecstatic NPM version =0.1.6, =0.0.1, =0.1.0, =3.0.0-beta.45, =1.0.0, =0.2.3, =0.2.1, =1.0.0, =0.1.1, =0.0.1, =1.0.0, =2.1.1 and more Source cves: CVE-2016-10703 Source advisory: OSV:GHSA-PM9P-9926-W68M...
CVE-2016-10703
CVE-2016-10703 affects the npm package ecstatic, specifically the file lib/ecstatic.js, with vulnerable versions prior to 2.0.0. The flaw is a regular expression DoS that lets a remote attacker pass a crafted string to overload and crash the server. Impact is a denial of service affecting the ecs...