RSS   Vulnerabilities for 'Timespan'   RSS

2018-06-06
 
CVE-2017-16115

CWE-400
 

 
The timespan module is vulnerable to regular expression denial of service. Given 50k characters of untrusted user input it will block the event loop for around 10 seconds.

 


Copyright 2024, cxsecurity.com

 

Back to Top