CVE CVE-2017-16115 Mappings

The timespan module is vulnerable to regular expression denial of service. Given 50k characters of untrusted user input it will block the event loop for around 10 seconds.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2017-16115 timespan node module uncategorized T1499.003 Application Exhaustion Flood