1 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote attackers to cause a denial of service (blocked event loop) via a crafted string. El paquete is-my-json-valid en versiones anteriores a 2.12.4 para Node.js tiene una expresión regular exports['utc-millisec'] incorrecta, lo que permite a atacantes remotos causar una denegación de servicio (bucle de eventos bloqueados) a través de una cadena manipulada. • https://github.com/mafintosh/is-my-json-valid/commit/eca4beb21e61877d76fdf6bea771f72f39544d9b https://nodesecurity.io/advisories/76 • CWE-20: Improper Input Validation •