Regular Expression Denial of Service (ReDoS) in ms package for Node.js versions prior to 0.7.1
CVE-2015-8315 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."
Learn more about our Web Application Penetration Testing UK.