Excessive CPU Consumption Vulnerability in is-my-json-valid Library

Excessive CPU Consumption Vulnerability in is-my-json-valid Library

CVE-2018-1107 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause it to consume an excessive amount of CPU time when validated.

Learn more about our Web Application Penetration Testing UK.