CVE-2022-37259
steal Inefficient Regular Expression Complexity vulnerability via string variable in npm/steal
Identifiers
CVE-2022-37259, GHSA-rgqx-226f-2xp4
Package Slug
npm/steal
Vulnerability
steal Inefficient Regular Expression Complexity vulnerability via string variable
Description
A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the string variable in babel.js.
Affected Versions
Version 2.2.4
Solution
Upgrade to version 2.3.0 or above.
Last Modified
2022-09-22
| source |