Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2015-8315

Description

The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."

POC

Reference

No PoCs from references.

Github

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Banyaon/And-ifclcs-

- https://github.com/Banyaon/supreme-robot

- https://github.com/Banyaon/vigilant-fiesta

- https://github.com/nr-security-github/fake-vulnerabilities-js-npm

- https://github.com/xthk/fake-vulnerabilities-javascript-npm