Advisories for Npm/Es5-Ext package

2024

es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

Impact Passing functions with very long names or complex default argument names into function#copy orfunction#toStringTokens may put script to stall Patches Fixed with https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2 and https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602 Published with v0.10.63 Workarounds No real workaround aside of refraining from using above utilities. References https://github.com/medikoo/es5-ext/issues/201