Regular Expression Denial Of Service (ReDoS)

moment is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists due to the inefficient regex pattern used in the preprocessRFC2822 function of from-string.js, allowing an attacker to crash the application by providing malicious inputs of more than 10k characters...

Regular Expression Denial Of Service (ReDoS)

string.js is vulnerable to regular expression denial of service ReDoS attacks. The library does not restrict the type of characters that get parsed, allowing a malicious user to pass a string to cause a ReDoS...