Описание
Inefficient Regular Expression Complexity in vuelidate
vuelidate is a simple, lightweight model-based validation for Vue.js 2.x & 3.0. A ReDoS (regular expression denial of service) flaw was found in the @vuelidate/validators package. An attacker that is able to provide crafted input to the url(input) function may cause an application to consume an excessive amount of CPU.
Пакеты
Наименование
@vuelidate/validators
npm
Затронутые версииВерсия исправления
<= 2.0.0-alpha.21
2.0.0-alpha.22
Связанные уязвимости
CVSS3: 7.5
nvd
больше 4 лет назад
vuelidate is vulnerable to Inefficient Regular Expression Complexity