steal icon indicating copy to clipboard operation
steal copied to clipboard

Published 20 hours ago verified publisher icon stealjs

[CVE-2022-37262]/ReDos found in main.js

Open secdevlpr26 opened this issue 2 years ago • 0 comments

A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js.

The ReDoS vulnerability can be mitigated with several best practices described here: https://snyk.io/blog/redos-and-catastrophic-backtracking/

secdevlpr26 avatar Sep 14 '22 09:09 secdevlpr26