terser: insecure use of regular expressions leads to ReDoS

A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service ReDoS attacks, affecting system availability...

terser 安全漏洞

terser is a JavaScript parser, handler, and compressor toolkit for ES6+ from the individual developers of terser. A security vulnerability exists in terser versions prior to 4.8.1, 5.0.0, and 5.14.2, which stems from the insecure use of regular expressions, resulting in vulnerability to a Regular...