By setting allErrors: true in Ajv library, all error objects will be allocated without limit. This allows the attacker to produce a huge number of errors which can lead to denial of service. Do not use allErrors: true in production. Likelihood: LOW Confidence: LOW CWE: - CWE-400: Uncontrolled Resource Consumption