Medium severity5.3NVD Advisory· Published Jun 1, 2021· Updated Jun 17, 2026
CVE-2021-23388
CVE-2021-23388
Description
The package forms before 1.2.1, from 1.3.0 and before 1.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via email validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
formsnpm | < 1.3.2 | 1.3.2 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
5- github.com/caolan/forms/pull/214/commits/d4bd5b5febfe49c1f585f162e04ec810f8dc47a0nvdPatchThird Party AdvisoryWEB
- snyk.io/vuln/SNYK-JS-FORMS-1296389nvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-c56f-grv3-gpfrghsaADVISORY
- github.com/caolan/forms/pull/214nvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2021-23388ghsaADVISORY
News mentions
0No linked articles in our index yet.