string-math's string-math.js vulnerability can cause Regex Denial of Service (ReDoS)
string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.
Advisories for Npm/String-Math package
2025
string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.