Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2017-16113 Vulnerability in npm package parsejson

Description

The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed.

Remediation

References

https://github.com/get/parsejson/issues/4

https://nodesecurity.io/advisories/528

Related Vulnerabilities

CVE-2019-9737 Vulnerability in maven package org.webjars.npm:editor.md

CVE-2021-39149 Vulnerability in maven package com.thoughtworks.xstream:xstream

CVE-2020-9483 Vulnerability in maven package org.apache.skywalking:server-storage-plugin

CVE-2021-23399 Vulnerability in npm package wincred

CVE-2023-26109 Vulnerability in npm package node-bluetooth-serial-port

Severity

High

Classification

CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Exploit Issue Tracking Third Party Advisory