Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string length...

Validator.js 安全漏洞

Validator.js is a string validator open source by validatorjs A security vulnerability exists in Validator.js versions prior to 13.15.22, which stems from the isLength function not taking into account the Unicode variant selector, which could lead to improper string length calculation...