1 results (0.001 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2537
https://notcve.org/view.php?id=CVE-2016-2537
The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote attackers to cause a denial of service (blocked event loop) via a crafted string. El paquete is-my-json-valid en versiones anteriores a 2.12.4 para Node.js tiene una expresión regular exports['utc-millisec'] incorrecta, lo que permite a atacantes remotos causar una denegación de servicio (bucle de eventos bloqueados) a través de una cadena manipulada. • https://github.com/mafintosh/is-my-json-valid/commit/eca4beb21e61877d76fdf6bea771f72f39544d9b https://nodesecurity.io/advisories/76 • CWE-20: Improper Input Validation •