LOW PRIORITY FIX Monitor
This vulnerability is not widely exploited.
No urgency. Patch when a fix becomes available.

debug ReDoS

Regular expression denial of service in debug module

Severity (CVSS): MEDIUM 5.3
Exploitation (Shoulder): No known exploits
Fix available: No patch yet
CVE-2017-16137: npm / debug

How to fix

Affected packages

npm debug

Is this in your code?

Shoulder scans your codebase and tells you if CVE-2017-16137 is reachable — not just present.

npx @shoulderdev/cli trust .

Technical details

Risk by Environment

Production (public-facing): MEDIUM. Schedule patch in next sprint.
Staging: LOW. Patch when convenient.
Internal services: LOW. Low priority unless handling sensitive data.
Local dev only: LOW. Minimal concern for isolated environments.