PT-2018-6165 · Mime · Mime
Published
2018-06-07
·
Updated
2019-10-09
·
CVE-2017-16138
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
mime versions prior to 1.4.1
mime versions 2.0.1, 2.0.2
Description:
The issue concerns a regular expression denial of service that occurs when a mime lookup is performed on untrusted user input.
Recommendations:
For mime versions prior to 1.4.1, update to version 1.4.1 or later.
For mime versions 2.0.1, 2.0.2, update to version 2.0.3 or later.
Exploit
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mime