logo

Database

Asymmetric denial of service In express-validators

Description

Regular expression deinal of service in express-validators All versions of package express-validators are vulnerable to Regular Expression Denial of Service (ReDoS) when validating specifically-crafted invalid urls.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. CVE-2020-77672. NVD-2020-77673. OSV-2020-77674. GCVE-2020-7767

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.