VYPR

npm package

schema-inspector

pkg:npm/schema-inspector

Vulnerabilities (2)

  • CVE-2021-21267Mar 19, 2021
    affected < 2.0.0fixed 2.0.0

    Schema-Inspector is an open-source tool to sanitize and validate JS objects (npm package schema-inspector). In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input (for example `a@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0

  • CVE-2019-10781Jan 22, 2020
    affected < 1.6.9fixed 1.6.9

    In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and the `validate()` function used within schema-inspector.