-
Notifications
You must be signed in to change notification settings - Fork 916
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[CVE-2021-3765][1.x] bump validator from 8.2.0 to 13.9.0 (#3725)
validator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity. 1.x is using "validator@8.2.0". Main has been bumped to 13.7.0 via PR #1106. The solution is to backport it on 1.x. Backport PR: #1106 Issue Resolved: #1063 Signed-off-by: Anan Zhuang <ananzh@amazon.com> Co-authored-by: Josh Romero <rmerqg@amazon.com>
- Loading branch information
1 parent
65deacb
commit 53ae3cf
Showing
3 changed files
with
147 additions
and
96 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.