Description
All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure.
Remediation
References
https://snyk.io/vuln/SNYK-JS-ISUSERVALID-1056766
Related Vulnerabilities
CVE-2017-3201 Vulnerability in maven package com.exadel.flamingo.flex:amf-serializer
CVE-2022-40664 Vulnerability in maven package org.apache.shiro:shiro-core
CVE-2022-41340 Vulnerability in npm package @lionello/secp256k1-js
CVE-2020-13973 Vulnerability in maven package com.mikesamuel:json-sanitizer
CVE-2022-3171 Vulnerability in maven package com.google.protobuf:protobuf-kotlin-lite