EUVD-2020-0512

Malware in sbrugna...

EUVD-2021-0649

Malware in sbrugna...

CVE-2021-21267

Schema-Inspector is an open-source tool to sanitize and validate JS objects npm package schema-inspector. In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input for example...

Regular Expression Denial Of Service (ReDoS)

schema-inspector is vulnerable to regular expression denial of service ReDoS. The vulnerability exists through the email validation method where an input such as example@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. would result in large consumption of...

CVE-2021-21267

Schema-Inspector is an open-source tool to sanitize and validate JS objects npm package schema-inspector. In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input for example...

CVE-2021-21267

Schema-Inspector is an open-source tool to sanitize and validate JS objects npm package schema-inspector. In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input for example...

Input validation

Schema-Inspector is an open-source tool to sanitize and validate JS objects npm package schema-inspector. In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input for example...

CVE-2021-21267 Regular Expression Denial-of-Service in npm schema-inspector

Schema-Inspector is an open-source tool to sanitize and validate JS objects npm package schema-inspector. In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input for example...

CVE-2021-21267

Summary of CVE-2021-21267: Schema-Inspector (npm package schema-inspector) is vulnerable to a denial-of-service via email validation in before version 2.0.0. The issue is caused by a pathological input that triggers ReDoS during email validation, freezing the program or browser page. This affects...

Regular Expression Denial of Service

Overview There is a regular expression denial-of-service in schema-inspector. Impact Email address validation is vulnerable to a denial-of-service attack where some input for example a@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. will freeze the program...

@arpinum/backend (>=0.0.3 <=0.0.65), @austbot/wallet-sdk (=1.0.0-beta.21) +135 more potentially affected by CVE-2021-21267 via schema-inspector (>=1.4.2 <=1.7.0)

schema-inspector NPM version =1.4.2, =0.0.3, =0.1.0, =0.1.5, =0.1.1, =0.0.3, =0.0.1, =1.0.0, =3.2.7, =3.3.4, =0.0.3, =2.0.0, =0.0.1, =4.1.2 and more Source cves: CVE-2021-21267 Source advisory: OSV:GHSA-F38P-C2GQ-4PMR...

GHSA-F38P-C2GQ-4PMR Regular Expression Denial-of-Service in npm schema-inspector

Impact What kind of vulnerability is it? Who is impacted? Email address validation is vulnerable to a denial-of-service attack where some input for example a@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. will freeze the program or web browser page...

Regular Expression Denial-of-Service in npm schema-inspector

Impact What kind of vulnerability is it? Who is impacted? Email address validation is vulnerable to a denial-of-service attack where some input for example a@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. will freeze the program or web browser page...

Npm Schema-Inspector 资源管理错误漏洞

Npm Schema-Inspector is an application from the United States Npm. An open source tool for cleaning and validating JS objects. A resource management error vulnerability exists in npm schema-inspector before version 2.0.0, which stems from the fact that email address validation is vulnerable to...

app.io (>=0.0.1 <=0.0.4), feathers-validation (>=0.5.0 <=0.5.1) +6 more potentially affected by CVE-2019-10781 via schema-inspector (>=1.4.2 <=1.6.8)

schema-inspector NPM version =1.4.2, =0.0.1, =0.5.0, =3.8.1, =1.0.2, =1.0.0, =0.2.0, =0.5.0 Source cves: CVE-2019-10781 Source advisory: OSV:GHSA-R24H-634P-M72X...

Validation Bypass in schema-inspector

In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the sanitize and the validate function used within schema-inspector...

GHSA-R24H-634P-M72X Validation Bypass in schema-inspector

In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the sanitize and the validate function used within schema-inspector...

Information Disclosure

schema-inspector is vulnerable to information disclosure. The vulnerability exists as the sanitize and validate functions can be bypassed, causing object's prototype properties to be enumerable...

CVE-2019-10781

In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the sanitize and the validate function used within schema-inspector...

CVE-2019-10781

Schema-inspector (JS package) is affected by CVE-2019-10781 through versions before 1.6.9. A specially crafted JavaScript object can bypass sanitize() and validate(), enabling information exposure and potential property tampering. The root cause is the bypass of input sanitisation/validation with...