Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/ajv@7.0.0-alpha.0
purl pkg:npm/ajv@7.0.0-alpha.0
Next non-vulnerable version 8.18.0
Latest non-vulnerable version 8.18.0
Risk 3.4
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-1znw-5dwm-7ydy
Aliases:
CVE-2025-69873
GHSA-2g4f-4pwh-qvx6
ajv has ReDoS when using `$data` option ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the `$data` option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax (`$data` reference), which is passed directly to the JavaScript `RegExp()` constructor without validation. An attacker can inject a malicious regex pattern (e.g., `\"^(a|a)*$\"`) combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with `$data`: true for dynamic schema validation.
8.18.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-1znw-5dwm-7ydy ajv has ReDoS when using `$data` option ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the `$data` option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax (`$data` reference), which is passed directly to the JavaScript `RegExp()` constructor without validation. An attacker can inject a malicious regex pattern (e.g., `\"^(a|a)*$\"`) combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with `$data`: true for dynamic schema validation. CVE-2025-69873
GHSA-2g4f-4pwh-qvx6

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-17T00:17:25.210521+00:00 GitLab Importer Affected by VCID-1znw-5dwm-7ydy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ajv/CVE-2025-69873.yml 38.4.0
2026-04-16T03:44:59.153713+00:00 GHSA Importer Fixing VCID-1znw-5dwm-7ydy https://github.com/advisories/GHSA-2g4f-4pwh-qvx6 38.4.0
2026-04-16T03:44:57.594367+00:00 GHSA Importer Affected by VCID-1znw-5dwm-7ydy https://github.com/advisories/GHSA-2g4f-4pwh-qvx6 38.4.0
2026-04-12T01:41:39.069274+00:00 GitLab Importer Affected by VCID-1znw-5dwm-7ydy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ajv/CVE-2025-69873.yml 38.3.0
2026-04-11T15:14:18.989014+00:00 GHSA Importer Fixing VCID-1znw-5dwm-7ydy https://github.com/advisories/GHSA-2g4f-4pwh-qvx6 38.3.0
2026-04-11T15:14:17.324028+00:00 GHSA Importer Affected by VCID-1znw-5dwm-7ydy https://github.com/advisories/GHSA-2g4f-4pwh-qvx6 38.3.0
2026-04-03T01:50:33.139009+00:00 GitLab Importer Affected by VCID-1znw-5dwm-7ydy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ajv/CVE-2025-69873.yml 38.1.0
2026-04-02T15:52:54.350048+00:00 GHSA Importer Fixing VCID-1znw-5dwm-7ydy https://github.com/advisories/GHSA-2g4f-4pwh-qvx6 38.1.0
2026-04-02T15:52:52.378644+00:00 GHSA Importer Affected by VCID-1znw-5dwm-7ydy https://github.com/advisories/GHSA-2g4f-4pwh-qvx6 38.1.0
2026-04-01T16:07:58.479091+00:00 GHSA Importer Affected by VCID-1znw-5dwm-7ydy https://github.com/advisories/GHSA-2g4f-4pwh-qvx6 38.0.0
2026-04-01T12:53:51.051417+00:00 GitLab Importer Affected by VCID-1znw-5dwm-7ydy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ajv/CVE-2025-69873.yml 38.0.0