National Party Month

npm

JoinLog In
Severity: moderate

Regular Expression Denial of Service

mime

Overview

Affected versions of mime are vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.

Remediation

Update to version 2.0.3 or later.

Resources

Issue #167

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. published

    Advisory published
    Sep 27th, 2017

  2. reported

    Initial report by Cristian-Alexandru Staicu
    Sep 25th, 2017