CVE-2017-16023
CVE-2017-16023
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
04 Jun 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 through 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack.
Affected products
HackerOne · decamelize node moduleWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →