VYPR

npm package

uri-js

pkg:npm/uri-js

Vulnerabilities (1)

  • CVE-2017-16021MedJun 4, 2018
    affected < 3.0.0fixed 3.0.0

    uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regular expression is vulnerable to redos. This causes the program to hang and the CPU