27 matches found
CVE-2017-16116
The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML methods...
string module denial of service vulnerability
The string module is a lightweight JavaScript library that provides additional String methods for Node.js. A security vulnerability exists in the string module. An attacker can exploit this vulnerability to cause a denial of service with the help of untrustworthy specially crafted input...
CVE-2017-16116
The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML methods...
CVE-2017-16116
The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML methods...
Design/Logic Flaw
The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML methods...
CVE-2017-16116
The CVE-2017-16116 entry corresponds to the Node.js string module. The vulnerability is a regular expression denial of service (ReDoS) triggered by untrusted input passed to the underscore or unescapeHTML methods. Impact described as potential denial of service. Public remediation details in the ...
CVE-2017-16116
The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML methods...