GHSA-27V5-C462-WPQ7 path-to-regexp vulnerable to Regular Expression Denial of Service via multiple wildcards
Impact When using multiple wildcards, combined with at least one parameter, a regular expression can be generated that is vulnerable to ReDoS. This backtracking vulnerability requires the second wildcard to be somewhere other than the end of the path. Unsafe examples: /foo-bar-:baz /a-:b-c-:d...