is-my-json-valid
npm2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting is-my-json-validpage 1 of 1
- CVE-2016-2537HIGHCVSS 7.5EG 7.5✓ Fixed in 2.12.42016-02-23
The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote attackers to cause a denial of service (blocked event loop) via a crafted string.
- CVE-2018-1107MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.4.12021-03-30
It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause it to consume an excessive amount of CPU …
Check whether is-my-json-valid is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for is-my-json-valid CVEs against the assets you own.
Start Free Scan →