search

node-swig / swig-templates

Take a swig of the best template engine for JavaScript.
http://node-swig.github.io/swig-templates/
MIT License
209 stars 29 forks source link

Vulnerability - Regular Expression Denial of Service (ReDoS) via uglify-js #81

Open naveentej opened 2 years ago

naveentej commented 2 years ago

https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251 swig-templates@2.0.3 > uglify-js@2.6.0

uglify-js has addressed this with a fix in v3.14.3. swig-templates needs an update asap as it is using a specific version (2.6.0).