5 matches found
RHEL 8 : nodejs-mime (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-mime: Regular expression Denial of Service CVE-2017-16138 Note that Nessus has not tested for this issue but...
00ld8nuivn (=2.1.0), 00rqiw31nd (=2.1.0) +33843 more potentially affected by CVE-2017-16138 via mime (>=1.0.0 <=1.4.0)
mime NPM version =1.0.0, =1.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on mime and may be impacted: - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 -...
CVE-2017-16138
The mime module is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input...
CVE-2017-16138
The mime module 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input...
CVE-2017-16138
CVE-2017-16138 affects the mime Node.js module, with vulnerable versions including