Summary
ajv (JSON Schema validator) versions prior to 6.14.0 (v6 branch) and 8.18.0 (v8 branch) contain a Regular Expression Denial of Service (ReDoS) vulnerability triggered when the $data option is enabled.
Impact
If specially crafted schemas are processed with $data references, the validator can enter catastrophic backtracking, causing the process to hang. This is a denial-of-service risk in any validator code path that accepts user-controlled schemas.
ajv is pulled in as a transitive dependency via vitest, eslint, and other dev tooling.
Steps to verify
npm ls ajv
npm audit 2>&1 | grep ajv
Recommendation
If this cannot be auto-resolved, identify which direct dependency pins the old version and update it. Ensure the installed version is:
ajv@6.x → >=6.14.0
ajv@8.x → >=8.18.0
References
Summary
ajv(JSON Schema validator) versions prior to6.14.0(v6 branch) and8.18.0(v8 branch) contain a Regular Expression Denial of Service (ReDoS) vulnerability triggered when the$dataoption is enabled.Impact
If specially crafted schemas are processed with
$datareferences, the validator can enter catastrophic backtracking, causing the process to hang. This is a denial-of-service risk in any validator code path that accepts user-controlled schemas.ajvis pulled in as a transitive dependency viavitest,eslint, and other dev tooling.Steps to verify
Recommendation
If this cannot be auto-resolved, identify which direct dependency pins the old version and update it. Ensure the installed version is:
ajv@6.x→>=6.14.0ajv@8.x→>=8.18.0References