jbgutierrez/path-parse

Releases1

Frequency

Last Release about 5 years ago

Stars56

Node.js path.parse() ponyfill

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-23343 ↗	May 4, 2021Tuesday, 4 May 2021, 09:15	5.3 MEDIUM	5 MEDIUM
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.