word-wrap 安全漏洞

word-wrap is a library by Jon Schlinkert, an individual developer in the United States. It is used to wrap words to a specified length. A security vulnerability exists in word-wrap, which stems from the use of an insecure regular expression in the result variable...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable. Note: The regex is vulnerable on its own, but the vulnerable function is not reachable as shipped in the package...