5 matches found
Security Bulletin: Two ReDoS vulnerabilities in modules included in the Node.js npm tool affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux
Summary Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i RPG and COBOL + Modernization Tools, Java and EGL editions, and Rational Developer for AIX and Linux. Two ReDoS vulnerabilities in modules included in the Node.js n...
Security Bulletin: Two ReDoS vulnerabilities in modules included in the Node.js npm tool
Summary Two ReDoS vulnerabilities in modules included in the Node.js npm tool shipped by IBM Rational Application Developer for WebSphere Software. Vulnerability Details CVEID: CVE-2016-2515 DESCRIPTION: Node.JS hawk is vulnerable to a denial of service, caused by an error in the regular expressi...
CVE-2016-2515
Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service CPU consumption or partial outage via a long 1 header or 2 URI that is matched against an improper regular expression...
CVE-2016-2515
Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service CPU consumption or partial outage via a long 1 header or 2 URI that is matched against an improper regular expression...
CVE-2016-2515
CVE-2016-2515 affects Hawk in Node.js/npm deployments: Hawk before 3.1.3 and 4.x before 4.1.1 is vulnerable to a denial of service where an attacker can cause CPU exhaustion by sending an excessively long header or URI that matches an improper regular expression. Reported in multiple sources (GHS...