Severity: moderate

    Regular Expression Denial of Service

    mime

    Overview

    Affected versions of mime are vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.

    Remediation

    Update to version 2.0.3 or later.

    Resources

    Have content suggestions? Visit npmjs.com/support.

    Advisory timeline

    1. published

      Advisory published
      Sep 27th, 2017
    2. reported

      Initial report by Cristian-Alexandru Staicu
      Sep 25th, 2017