PRIOn knowledge basePRION:CVE-2017-16138

HistoryJun 07, 2018 - 2:29 a.m.

Input validation

2018-06-0702:29:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.9%

The mime module < 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.

CPENameOperatorVersion
mimelt1.4.1
mimege2.0.1
mimelt2.0.3

Name	Operator	Version
mime	lt	1.4.1
mime	ge	2.0.1
mime	lt	2.0.3

References

github.com/broofa/node-mime/issues/167

nodesecurity.io/advisories/535