0.001 Low
EPSS
Percentile
43.2%
slug is vulnerable to regular expression denial of service (ReDoS) attacks. The library does not limit the type of characters that get parsed, allowing a malicious user to pass a string to the application to cause a ReDoS.
github.com/dodo/node-slug/blob/master/slug.js#L57
github.com/dodo/node-slug/issues/82
github.com/dodo/node-slug/pull/91
nodesecurity.io/advisories/537