High severity7.5NVD Advisory· Published Nov 17, 2017· Updated Jun 17, 2026
CVE-2017-1000189
CVE-2017-1000189
Description
nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile()
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ejsnpm | < 2.5.5 | 2.5.5 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/mde/ejs/commit/49264e0037e313a0a3e033450b5c184112516d8fnvdPatchThird Party AdvisoryWEB
- www.securityfocus.com/bid/101893nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-6x77-rpqf-j6mwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-1000189ghsaADVISORY
- web.archive.org/web/20171123041449/http://www.securityfocus.com/bid/101893ghsaWEB
News mentions
0No linked articles in our index yet.