Skip to content

vectoriadb@2.0.2

Choose a tag to compare

View all tags
@github-actions github-actions released this 07 Jan 20:55
· 41 commits to main since this release
vectoriadb@2.0.2
3928642
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

vectoriadb v2.0.2

📦 npm: vectoriadb@2.0.2

Fixed

  • Regex vulnerability detection now trims analyzed patterns to 500 characters and evaluates them through bounded helper regexes to avoid the analyzer triggering ReDoS.
  • Redis namespace sanitization bounds the namespace prior to regex processing and swaps in precompiled SAFE_PATTERNS to strip control characters and unsafe symbols deterministically.

Security

  • Hardened both the regex analyzer and namespace sanitizer so untrusted input can no longer leverage those code paths for ReDoS attacks.
Assets 2
Loading