loader-utils: regular expression denial of service in interpolateName.js

A flaw was found in the interpolateName function in interpolateName.js in the webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. This flaw can lead to a regular expression denial of service ReDoS...

CVE-2022-37599

A flaw was found in the interpolateName function in interpolateName.js in the webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. This flaw can lead to a regular expression denial of service ReDoS. Mitigation Mitigation for this issue is either not available or the...

Regular Expression Denial Of Service (ReDoS)

loader-utils is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for the resourcePath variable in interpolateName.js, allowing an attacker to crash the application by providing a malicious input...

CVE-2022-37599

A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...

PT-2022-24021 · Webpack +1 · Loader-Utils +1

Name of the Vulnerable Software and Affected Versions: webpack loader-utils version 2.0.0 Description: A Regular expression denial of service ReDoS flaw was found in the interpolateName function in interpolateName.js via the resourcePath variable. This issue could be exploited by sending crafted...