validator

npm6 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting validatorpage 1 of 1

CVE-2013-7451MEDIUMCVSS 6.1EG 6.1✓ Fixed in 1.1.0
2017-01-23
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag.
CVE-2013-7452MEDIUMCVSS 6.1EG 6.1✓ Fixed in 1.1.0
2017-01-23
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.
CVE-2013-7453MEDIUMCVSS 6.1EG 6.1✓ Fixed in 1.1.0
2017-01-23
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.
CVE-2013-7454MEDIUMCVSS 6.1EG 6.1✓ Fixed in 1.1.0
2017-01-23
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.
CVE-2014-9772MEDIUMCVSS 6.1EG 6.1✓ Fixed in 2.0.0
2017-01-23
The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.
CVE-2021-3765HIGHCVSS 7.5EG 7.5✓ Fixed in 13.7.0
2021-11-02
validator.js is vulnerable to Inefficient Regular Expression Complexity

Check whether validator is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for validator CVEs against the assets you own.

Start Free Scan →