Vulnerabilities/

Inefficient Regular Expression Complexity in Validator.js - validator

Severity:: Medium

Description

Versions of validator prior to 13.7.0 are affected by an inefficient Regular Expression complexity when using the rtrim and trim sanitizers.

Recommendation

Update the validator package to the latest compatible version. Followings are version details:

Affected version(s): >= 11.1.0, < 13.7.0
Patched version(s): 13.7.0

References

Related Issues

string-kit Inefficient Regular Expression Complexity vulnerability - CVE-2021-4299
steal Inefficient Regular Expression Complexity vulnerability via string variable - CVE-2022-37259
debug Inefficient Regular Expression Complexity vulnerability - CVE-2017-20165
axios Inefficient Regular Expression Complexity vulnerability - CVE-2021-3749

You might also like:

How to Secure your NodeJs Express Javascript Application - part 1

How to Secure your NodeJs Express Javascript Application - part 2

10 Secure Coding Best Practices to Follow in Every Project

Tags:: npm; validator

Anything's wrong? Let us know Last updated on January 11, 2023