PT-2019-20065 · Npm · Esm
Published
2019-06-20
·
Updated
2019-06-20
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
esm versions prior to 3.1.0
Description
A Regular Expression Denial of Service issue was discovered. The problem arises because esm's find-indexes uses unescaped identifiers in a regex, causing an infinite loop.
Recommendations
For versions prior to 3.1.0, update to version 3.1.0 or later to resolve the issue.
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Esm