itsKedar / TodoList_mern

CX: CVE-2022-25858 in Npm-terser and 4.8.0 @ TodoList_mern.main #20

Open itsKedar opened 2 years ago

itsKedar commented 2 years ago

Description

The package terser before 4.8.1, and 5.0.x before 5.14.2, is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.

HIGH Vulnerable Package issue exists @ terser in branch main

Vulnerability ID: CVE-2022-25858

Package Name: terser

Severity: HIGH

CVSS Score: 7.5

Publish Date: 2022-07-15T06:34:00

Current Package Version: 4.8.0

Remediation Upgrade Recommendation: 4.8.1

Link To SCA

Reference – NVD link

itsKedar commented 2 years ago

Issue still exists.

itsKedar commented 2 years ago

Issue still exists.

itsKedar commented 2 years ago

Issue still exists.