Description
vuelidate is vulnerable to Inefficient Regular Expression Complexity
References (2)
Core 2
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://huntr.dev/bounties/d8201b98-fb91-4c12-a6f7-181b4a20d9b7
Patch, Third Party Advisory x_refsource_misc
https://github.com/vuelidate/vuelidate/commit/1f0ca31c30e5032f00dbd14c4791b5ee7928f71d
Scores
CVSS v3
7.5
EPSS
0.0028
EPSS Percentile
51.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-1333
Status
published
Products (4)
vuelidate/validators
0 - 2.0.0-alpha.22npm
vuelidate_project/vuelidate
1.0.0 alpha1 (2 CPE variants)
vuelidate_project/vuelidate
2.0.0 alpha0 (25 CPE variants)
vuelidate_project/vuelidate
< 0.7.7
Published
Sep 15, 2021
Tracked Since
Feb 18, 2026