EPSS
Percentile
42.0%
express-validators is vulnerable to Regular Expression Denial of Service (ReDoS). An attacker is able to crash the application via a malicious URL due to the insecure usage of regex to validate URLs.
github.com/scopdrag/express-validators/blob/1.0.2/src/index.js#L611