CVE-2023-26115

Name of the Vulnerable Software and Affected Versions word-wrap versions all

Description The issue is related to the use of a regular expression with inefficient computational complexity in the word-wrap module of the Node.js platform. This can be exploited by a remote attacker to cause a denial of service. The vulnerability is due to the usage of an insecure regular expression within the result variable.

Recommendations For all versions, consider disabling the use of the word-wrap module until a secure version is available. As a temporary workaround, restrict the input to the result variable to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.