CVE-2017-20162 in vercel정보

요약

\~에 의해 MITRE • 2023. 01. 09.

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.0 is able to address this issue. The patch is named caae2988ba2a37765d055c4eee63d383320ee662. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217451.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

VulDB

예약하다

2023. 01. 05.

공개

2023. 01. 09.

모더레이션

수락

항목

VDB-217451

CPE

준비됨

CWE

CWE-1333 (확인됨)

익스플로잇

다운로드

CVSS

5.3 (NVD)

EPSS

0.00312

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-20162
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-20162
CVE Details	https://www.cvedetails.com/cve/CVE-2017-20162/

◂ 이전 개요 다음 ▸

Want to know what is going to be exploited?

We predict KEV entries!