0.001 Low
EPSS
Percentile
41.2%
url-regex is vulnerable to Regular Expression Denial of Service (ReDoS). The attackers can send requests with very long strings to String.test to trigger an application crash by exhausting memory and high processing power.
String.test
github.com/kevva/url-regex/issues/70
npmjs.com/advisories/1550