steal icon indicating copy to clipboard operation
steal copied to clipboard

Published 20 hours ago verified publisher icon stealjs

[CVE-2022-37263]/ReDos found in babel.js

Open secdevlpr26 opened this issue 2 years ago • 0 comments

A Regular expression denial of service (ReDoS) flaw was found in Function win32 in babel.js in stealjs steal 2.2.4 via the path variable in babel.js.

The ReDoS vulnerability can be mitigated with several best practices described here: https://snyk.io/blog/redos-and-catastrophic-backtracking/

secdevlpr26 avatar Sep 14 '22 09:09 secdevlpr26