CVE-2015-8315

The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."
References
Link Resource
http://www.openwall.com/lists/oss-security/2016/04/20/11 Mailing List Third Party Advisory
http://www.securityfocus.com/bid/96389 Broken Link Third Party Advisory VDB Entry
https://nodesecurity.io/advisories/46 Broken Link Exploit Mitigation Vendor Advisory
https://support.f5.com/csp/article/K46337613?utm_source=f5support&amp%3Butm_medium=RSS Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:vercel:ms:*:*:*:*:*:node.js:*:*

History

08 Feb 2024, 20:34

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/96389 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/96389 - Broken Link, Third Party Advisory, VDB Entry
References () https://nodesecurity.io/advisories/46 - Exploit, Mitigation, Vendor Advisory () https://nodesecurity.io/advisories/46 - Broken Link, Exploit, Mitigation, Vendor Advisory
References () https://support.f5.com/csp/article/K46337613?utm_source=f5support&amp%3Butm_medium=RSS - () https://support.f5.com/csp/article/K46337613?utm_source=f5support&amp%3Butm_medium=RSS - Third Party Advisory
CWE CWE-400 CWE-1333

07 Nov 2023, 02:28

Type Values Removed Values Added
References
  • {'url': 'https://support.f5.com/csp/article/K46337613?utm_source=f5support&utm_medium=RSS', 'name': 'https://support.f5.com/csp/article/K46337613?utm_source=f5support&utm_medium=RSS', 'tags': ['Third Party Advisory'], 'refsource': 'CONFIRM'}
  • () https://support.f5.com/csp/article/K46337613?utm_source=f5support&amp%3Butm_medium=RSS -

09 Jun 2023, 18:12

Type Values Removed Values Added
CWE CWE-399 CWE-400
CPE cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:* cpe:2.3:a:vercel:ms:*:*:*:*:*:node.js:*:*
First Time Vercel
Vercel ms
References (BID) http://www.securityfocus.com/bid/96389 - (BID) http://www.securityfocus.com/bid/96389 - Third Party Advisory, VDB Entry
References (CONFIRM) https://support.f5.com/csp/article/K46337613?utm_source=f5support&utm_medium=RSS - (CONFIRM) https://support.f5.com/csp/article/K46337613?utm_source=f5support&utm_medium=RSS - Third Party Advisory

Information

Published : 2017-01-23 21:59

Updated : 2024-02-08 20:34


NVD link : CVE-2015-8315

Mitre link : CVE-2015-8315

CVE.ORG link : CVE-2015-8315


JSON object : View

Products Affected

vercel

  • ms
CWE