Advisories for Npm/Esm package

2019

Regular Expression Denial of Service

A Regular Expression Denial of Service vulnerability was discovered in esm The issue is that esm's find-indexes is using the unescaped identifiers in a regex, which, in this case, causes an infinite loop.