
Piman51277

#30162 of 53,630
8.7 Total CVSS
Vulnerabilities · 1
PT-2024-29484
8.7
2024-07-23
Unknown · Tf2-Item-Format · CVE-2024-41655
**Name of the Vulnerable Software and Affected Versions**

tf2-item-format versions 4.2.6 through 5.9.13

**Description**

The package is vulnerable to a Regular Expression Denial of Service (ReDoS) attack when parsing crafted user input. An attacker can exploit this to perform DoS attacks on any service that uses tf2-item-format to parse user input.

**Recommendations**

For versions 4.2.6 through 5.8.10, upgrade the package to version 5.9.14. For version 5.9.13, upgrade the package to version 5.9.14. For versions prior to 5.9.14, consider upgrading to version 5.9.14 to resolve the issue. If upgrading to v5 is not possible, consider forking the module repository and implementing the fix detailed in the v4 to v5 migration guide.