Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10539. Reason: This candidate is a duplicate of CVE-2016-10539. Notes: All CVE users should reference CVE-2016-10539 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

A regular expression denial of service flaw was found in Negotiator. An attacker able to make an application using Negotiator to perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10539. Reason: This candidate is a duplicate of CVE-2016-10539. Notes: All CVE users should reference CVE-2016-10539 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

negotiator before 0.6.1 is vulnerable to a regular expression DoS