{"id":"CVE-2017-16138","details":"The mime module \u003c 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.","aliases":["GHSA-wrvr-8mpx-r7pp"],"modified":"2026-03-13T23:19:22.185022Z","published":"2018-06-07T02:29:03.863Z","references":[{"type":"ADVISORY","url":"https://nodesecurity.io/advisories/535"},{"type":"EVIDENCE","url":"https://github.com/broofa/node-mime/issues/167"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/broofa/mime","events":[{"introduced":"0"},{"fixed":"eb24bae372a76acd2c95fd05f8837814c33a9e3d"},{"introduced":"371e7e933dfbdc12a54266ea7da2f16b147f5107"},{"fixed":"f2d859eb53607b909cca03858429035bb025b21a"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.4.1"},{"introduced":"2.0.1"},{"fixed":"2.0.3"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16138.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}