| Name | CVE-2021-3765 |
| Description | validator.js is vulnerable to Inefficient Regular Expression Complexity |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| validator.js | source | (unstable) | (unfixed) | | | |
Notes
[stretch] - validator.js <postponed> (Minor issue, ReDOS, partial fix, no rdeps)
https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1 (13.7.0)
partial fix, only applies to chars==null