4 matches found

Veracode
added 2022/10/16 9:39 p.m., 41 views

Regular Expression Denial Of Service (ReDoS)

loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to an insecure regular expression in the url variable of the interpolateName function in interpolateName.js. A remote attacker can cause denial of service via malicious regex...

CVSS 7.5 | AI score 8.2 | EPSS 0.01331
Exploits: 1 | References: 13 | Affected Software: 7
vulnersOsv
added 2022/10/14 7:0 p.m., 2 views

@alfresco/adf-testing (=6.0.0-A.2-8258), @angular-architects/build-angular (=14.2.0-next.0) +54 more potentially affected by CVE-2022-37603 via loader-utils (>=3.0.0 <=3.2.0)

loader-utils NPM version =3.0.0, =0.9.2, =13.0.0, =1.0.0, =1.3.1, =13.0.0-rc.18, =3.9.0, =13.0.0, =0.1.0, =1.7.4, =4.7.1-beta.0, =4.7.1-beta.0, =9.1.3-beta.1 and more Source cves: CVE-2022-37603 Source advisory: OSV:GHSA-3RFM-JHWJ-7488...

CVSS 7.5 | AI score 6.8 | EPSS 0.01331
Exploits: 1
vulnersOsv
added 2022/10/13 12:0 p.m., 2 views

0xgank-tea-advice-pull (=1.0.0), 0xgank-tea-balance-pencil (=1.0.0) +8765 more potentially affected by CVE-2022-37601 via loader-utils (>=2.0.0 <=2.0.2)

loader-utils NPM version =2.0.0, =2.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on loader-utils and may be impacted: - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0...

CVSS 9.8 | AI score 7.1 | EPSS 0.18844
Exploits: 1
vulnersOsv
added 2022/10/12 12:0 p.m., 2 views

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +14904 more potentially affected by CVE-2022-37599 via loader-utils (>=1.0.0 <=1.4.1)

loader-utils NPM version =1.0.0, =1.0.1, =1.0.5, =0.1.0, =0.1.0, =1.0.3, =0.1.0, =0.1.2, =0.0.2, =0.3.0, =0.1.4, =0.1.6 and more Source cves: CVE-2022-37599 Source advisory: OSV:GHSA-HHQ3-FF78-JV3G...

CVSS 7.5 | AI score 7.1 | EPSS 0.04206
Exploits: 0