Description
JSON Editor is a web-based tool to view, edit, format, and validate JSON. It has various modes such as a tree editor, a code editor, and a plain text editor. The jsoneditor package is vulnerable to ReDoS (regular expression denial of service).
Recommendation
Update the jsoneditor package to the latest compatible version. Followings are version details:
- Affected version(s): < 9.5.6
- Patched version(s): 9.5.6
References
Related Issues
- MooTools Regular Expression Denial of Service - CVE-2021-32821
- Regular expression denial of service in jquery-validation (GHSA-j9m2-h2pv-wvph) - CVE-2021-43306
- html-parse-stringify and html-parse-stringify2 vulnerable to Regular expression denial of service (ReDoS) - CVE-2021-23346
- Regular Expression Denial-of-Service in npm schema-inspector - CVE-2021-21267
- Tags:
- npm
- jsoneditor
Anything's wrong? Let us know Last updated on February 12, 2025