CVE-2022-25858

Published July 15th, 2022

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.

terser/terser

🗜 JavaScript parser, mangler and compressor toolkit for ES6+

GitHub

9.3K