vulnerability
Ubuntu: (CVE-2017-16138): node-mime vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jun 7, 2018 | Jun 26, 2025 | Jun 26, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jun 7, 2018
Added
Jun 26, 2025
Modified
Jun 26, 2025
Description
The mime module < 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.
Solution
no-fix-ubuntu-package
References
- CVE-2017-16138
- https://attackerkb.com/topics/CVE-2017-16138
- URL-https://github.com/broofa/node-mime/commit/1df903fdeb9ae7eaa048795b8d580ce2c98f40b0
- URL-https://github.com/broofa/node-mime/commit/855d0c4b8b22e4a80b9401a81f2872058eae274d
- URL-https://github.com/broofa/node-mime/issues/167
- URL-https://nodesecurity.io/advisories/535
- URL-https://www.cve.org/CVERecord?id=CVE-2017-16138
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.