Search
Find a vulnerability
Search criteria
2 vulnerabilities by parsejson_project
CVE-2017-16113 (GCVE-0-2017-16113)
Vulnerability from nvd – Published: 2018-06-07 02:00 – Updated: 2024-09-16 20:46
VLAI
EPSS
VEX
Summary
The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed.
Severity
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://nodesecurity.io/advisories/528 | x_refsource_MISC |
| https://github.com/get/parsejson/issues/4 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HackerOne | parsejson node module |
Affected:
<=0.0.3
|
Date Public
2018-04-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:13:07.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nodesecurity.io/advisories/528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/get/parsejson/issues/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "parsejson node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "\u003c=0.0.3"
}
]
}
],
"datePublic": "2018-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T01:57:01.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nodesecurity.io/advisories/528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/get/parsejson/issues/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2017-16113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "parsejson node module",
"version": {
"version_data": [
{
"version_value": "\u003c=0.0.3"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/528",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/528"
},
{
"name": "https://github.com/get/parsejson/issues/4",
"refsource": "MISC",
"url": "https://github.com/get/parsejson/issues/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2017-16113",
"datePublished": "2018-06-07T02:00:00.000Z",
"dateReserved": "2017-10-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:46:50.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-16113 (GCVE-0-2017-16113)
Vulnerability from cvelistv5 – Published: 2018-06-07 02:00 – Updated: 2024-09-16 20:46
VLAI
EPSS
VEX
Summary
The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed.
Severity
No CVSS data available.
CWE
- CWE-400 - Denial of Service (CWE-400)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://nodesecurity.io/advisories/528 | x_refsource_MISC |
| https://github.com/get/parsejson/issues/4 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HackerOne | parsejson node module |
Affected:
<=0.0.3
|
Date Public
2018-04-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:13:07.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nodesecurity.io/advisories/528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/get/parsejson/issues/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "parsejson node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "\u003c=0.0.3"
}
]
}
],
"datePublic": "2018-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T01:57:01.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nodesecurity.io/advisories/528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/get/parsejson/issues/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2017-16113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "parsejson node module",
"version": {
"version_data": [
{
"version_value": "\u003c=0.0.3"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/528",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/528"
},
{
"name": "https://github.com/get/parsejson/issues/4",
"refsource": "MISC",
"url": "https://github.com/get/parsejson/issues/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2017-16113",
"datePublished": "2018-06-07T02:00:00.000Z",
"dateReserved": "2017-10-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:46:50.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}