Uncaught Exception

CVE-2014-8882

High

7.5/10

Summary

Validator prior to 3.21.0 is affected by a regular expression denial of service vulnerability in the isURL method

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-248 - Uncaught Exception

An exception is thrown from a function, but it is not caught.

References

Advisory Timeline

Published Nov 12, 2014