RSS   Vulnerabilities for 'Method-override'   RSS

2018-06-06
 
CVE-2017-16136

CWE-400
 

 
method-override is a module used by the Express.js framework to let you use HTTP verbs such as PUT or DELETE in places where the client doesn't support it. method-override is vulnerable to a regular expression denial of service vulnerability when specially crafted input is passed in to be parsed via the X-HTTP-Method-Override header.

 

 >>> Vendor: Expressjs 2 Products
Express
Method-override


Copyright 2024, cxsecurity.com

 

Back to Top