Lucene search
RedhatCVELIST:CVE-2018-1107HistoryMar 30, 2021 - 1:48 a.m.
CVE-2018-1107
2021-03-3001:48:27
CWE-400
redhat
www.cve.org
2
cve-2018-1107
is-my-json-valid
javascript library
inefficient regular expression
json fields
email format
cpu time
It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause it to consume an excessive amount of CPU time when validated.
CNA Affected
[
{
"product": "nodejs-is-my-json-valid",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "is-myjson-valid 2.17.2, is-myjson-valid 1.4.1"
}
]
}
]Related
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2018-02-23 02:03:40
cve
cve
CVE-2018-1107
2021-03-30 02:15:14
nvd
nvd
CVE-2018-1107
2021-03-30 02:15:14
prion
prion
Design/Logic Flaw
2021-03-30 02:15:00
osv
osv
Regular expression deinal of service (ReDoS) in is-my-json-valid
2022-01-06 20:44:07
github
github
Regular expression deinal of service (ReDoS) in is-my-json-valid
2022-01-06 20:44:07
redhatcve
redhatcve
CVE-2018-1107
2018-04-18 18:48:38
redhat
redhat
