VYPR
High severity7.5NVD Advisory· Published Jun 4, 2018· Updated Jun 17, 2026

CVE-2017-16023

CVE-2017-16023

Description

Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 through 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
decamelizenpm
>= 1.1.0, < 1.1.21.1.2

Affected products

2
  • ghsa-coords
    Range: >= 1.1.0, < 1.1.2
  • HackerOne/decamelize node modulev5
    Range: >=1.1.0 <=1.1.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.