RSS   Vulnerabilities for 'Forwarded'   RSS

2018-06-06
 
CVE-2017-16118

CWE-400
 

 
The forwarded module is used by the Express.js framework to handle the X-Forwarded-For header. It is vulnerable to a regular expression denial of service when it's passed specially crafted input to parse. This causes the event loop to be blocked causing a denial of service condition.

 


Copyright 2024, cxsecurity.com

 

Back to Top