Regular Expression Denial Of Service (ReDoS)

uri-template-lite is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for the expandRe attribute in index.js, allowing an attacker to crash the application by providing a malicious input through the URI.expand method...

GHSA-CHW2-6C7R-37P7 uri-template-lite Regular Expression Denial of Service

An exponential ReDoS Regular Expression Denial of Service can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input to the "URI.expand" method...