CVE-2017-16023 - AskarLabs CVE Database

CVE-2017-16023

Vendor Hackerone

Product decamelize node module

Weakness CWE-400

Published June 4, 2018

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 through 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack.

Key dates

02Disclosure timeline

June 4, 2018 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-16023 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/400.html

Related vulnerabilities

04Related CVE

CVE-2024-10599 Tongda OA 2017 package_static_resources.php resource consumption CVE-2021-21306 Denial of Service in Marked CVE-2021-32723 Regular Expression Denial of Service (ReDoS) in Prism CVE-2025-21351 Windows Active Directory Domain Services API Denial of Service Vulnerability CVE-2026-39865 Axios HTTP/2 Session Cleanup State Corruption Vulnerability