VYPR
Medium severity5.3NVD Advisory· Published Jun 7, 2018· Updated Jun 17, 2026

CVE-2017-16137

CVE-2017-16137

Description

The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
debugnpm
< 2.6.92.6.9
debugnpm
>= 3.0.0, < 3.1.03.1.0
debugnpm
>= 3.2.0, < 3.2.73.2.7
debugnpm
>= 4.0.0, < 4.3.14.3.1

Affected products

26

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.