terser 3.10.12
1 security vulnerability
found in version
3.10.12
Terser insecure use of regular expressions leads to ReDoS
high severity CVE-2022-25858
high severity
CVE-2022-25858
Affected versions:
< 4.8.1
The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.
Author did not declare license for this package in the source code.
This package version has a BSD-3-Clause license in the source code, however it was not declared in the source code.
This package version is available.
This package version has not been yanked and is still available for usage.