NextGuard
UNKNOWNCVE-2022-25858

Terser insecure use of regular expressions leads to ReDoS

Platform

nodejs

Component

terser

Fixed in

4.8.1

View on NVD

The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.

How to fix

Actualice el paquete terser a la versión 4.8.1 o superior, o a la versión 5.14.2 o superior. Esto corrige la vulnerabilidad de Denegación de Servicio por Expresión Regular (ReDoS) causada por el uso inseguro de expresiones regulares.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free