3 matches found
@mach25/karma-qunit-jsmockito-jshamcrest (>=0.0.1 <=0.0.2), jsmockito (>=1.0.4 <=1.0.5) +3 more potentially affected by CVE-2016-10521 via jshamcrest (>=0.6.7 <=0.7.1)
jshamcrest NPM version =0.6.7, =0.0.1, =1.0.4, =0.0.2, =0.0.0, =0.3.1, =0.15.0 Source cves: CVE-2016-10521 Source advisory: OSV:GHSA-XJ62-87PG-VCV3...
CVE-2016-10521
jshamcrest is vulnerable to regular expression denial of service ReDoS when certain types of user input is passed in to the emailAddress validator...
CVE-2016-10521
The CVE-2016-10521 issue affects the jshamcrest library, specifically the emailAddress validator. The underlying vulnerability is a regular expression denial of service (ReDoS) caused by certain user inputs, with PoC details showing heavy input can block the event loop. Documented impact indicate...