Description
Versions of validator prior to 3.22.1 are affected by a regular expression denial of service vulnerability in the isURL method.
Recommendation
Update the validator package to the latest compatible version. Followings are version details:
- Affected version(s): < 3.22.1
- Patched version(s): 3.22.1
References
Related Issues
- jsPDF Bypass Regular Expression Denial of Service (ReDoS) - CVE-2025-29907
- MooTools Regular Expression Denial of Service - CVE-2021-32821
- jspdf vulnerable to Regular Expression Denial of Service (ReDoS) - CVE-2021-23353
- Regular Expression Denial of Service in postcss - CVE-2021-23382
You might also like:
- Tags:
- npm
- validator
Anything's wrong? Let us know Last updated on January 09, 2023


