Naivete Precedes Misrepresentation
Severity: high

Regular Expression Denial of Service

validator

Overview

Versions of validator prior to 3.22.1 are affected by a regular expression denial of service vulnerability in the isURL method.

Remediation

Update to version 3.22.1 or later.

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. reported

    Oct 17th, 2015
  2. published

    Advisory published
    Nov 12th, 2014