High severity7.5NVD Advisory· Published Jun 4, 2018· Updated Jun 17, 2026
CVE-2017-16023
CVE-2017-16023
Description
Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 through 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
decamelizenpm | >= 1.1.0, < 1.1.2 | 1.1.2 |
Affected products
2- HackerOne/decamelize node modulev5Range: >=1.1.0 <=1.1.1
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-q5c4-39f5-m68jghsaADVISORY
- github.com/sindresorhus/decamelize/issues/5nvdThird Party AdvisoryWEB
- nodesecurity.io/advisories/308nvdThird Party Advisory
- nvd.nist.gov/vuln/detail/CVE-2017-16023ghsaADVISORY
- www.npmjs.com/advisories/308ghsaWEB
News mentions
0No linked articles in our index yet.