Skip to content

Inefficient Regular Expression Complexity in Validator.js

moderate severity Published Nov 19, 2021 in validatorjs/validator.js
We are still processing this advisory. You may have affected repositories that are not yet on this list. Check back soon for more.

Package

npm validator (npm)

Affected versions

>= 11.1.0, < 13.7.0

Patched versions

13.7.0

Description

Impact

Versions of validator prior to 13.7.0 are affected by an inefficient Regular Expression complexity when using the rtrim and trim sanitizers.

Patches

The problem has been patched in validator 13.7.0

References

@profnandaa profnandaa published the maintainer security advisory Nov 7, 2021

GHSA ID

GHSA-xx4c-jj58-r7x6

CVSS Score

5.3 Moderate
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Credits