VYPR
High severity7.5NVD Advisory· Published Feb 23, 2016· Updated Jun 17, 2026

CVE-2016-2537

CVE-2016-2537

Description

The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote attackers to cause a denial of service (blocked event loop) via a crafted string.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
is-my-json-validnpm
< 2.12.42.12.4

Affected products

2

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.