High severity7.5NVD Advisory· Published Jun 7, 2018· Updated Jun 17, 2026
CVE-2017-16138
CVE-2017-16138
Description
The mime module < 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mimenpm | >= 2.0.0, < 2.0.3 | 2.0.3 |
mimenpm | < 1.4.1 | 1.4.1 |
Affected products
2- Range: < 1.4.1 || > 2.0.0 < 2.0.3
Patches
Vulnerability mechanics
References
6- github.com/broofa/node-mime/issues/167nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-wrvr-8mpx-r7ppghsaADVISORY
- nodesecurity.io/advisories/535nvdThird Party Advisory
- nvd.nist.gov/vuln/detail/CVE-2017-16138ghsaADVISORY
- github.com/broofa/mime/commit/1df903fdeb9ae7eaa048795b8d580ce2c98f40b0ghsaWEB
- github.com/broofa/mime/commit/855d0c4b8b22e4a80b9401a81f2872058eae274dghsaWEB
News mentions
0No linked articles in our index yet.