534:debug:Regular Expression Denial of Service

CVES CVE-2017-16137
CWE CWE-400
References: - [Issue #501](https://github.com/visionmedia/debug/issues/501)
- [PR #504](https://github.com/visionmedia/debug/pull/504)
Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 

As it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.
@marshyski 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

534:debug:Regular Expression Denial of Service #202

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

534:debug:Regular Expression Denial of Service #202

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions