Moderate severity vulnerability that affects is-my-json-valid

2018-07-31T22:54:14
ID GHSA-CCQ6-3QX5-VMQX
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:02

Description

Withdrawn, accidental duplicate publish.

The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote attackers to cause a denial of service (blocked event loop) via a crafted string.