js · joiHeads-up
joi: Denial of service via untrapped exception in recursive link schemas
Denial of service via untrapped exception in services validating user-supplied JSON/object input with recursive link schemas.
What changed
Denial of service via untrapped exception in services validating user-supplied JSON/object input with recursive link schemas.
Who it affects
Applications using joi to validate user-supplied JSON/object input with recursive link schemas.
What to do today
Upgrade to version >= 18.2.1 or wrap validation calls in try/catch.
The trail
Collected→
Audited→
Written→
Published
Source
GitHub Advisory · joi