Terser: Security Vulnerabilities
A Regular Expression Denial of Service (ReDoS) flaw was found in kangax html-minifier 4.0.0 because of the reCustomIgnore regular expression.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-10-31
The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.
CVSS Score
5.3
EPSS Score
0.029
Published
2022-07-15