CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

SUSE CVE•added 2023/02/15 5:12 a.m.•1 views

SUSE CVE-2015-8315

The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS6.8AI score0.00779EPSS

Exploits1References3

Node.js•added 2015/10/24 4:6 p.m.•22 views

Regular Expression Denial of Service

Overview Versions of ms prior to 0.7.1 are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed. Proof of Concept javascript var ms = require'ms'; var genstr = function len, chr var result = ""; for i=0; i=len; i++ result = result + chr;...

7.8CVSS2.7AI score0.00779EPSS

Exploits1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by