CVE-2023-26115 Information

Jun 23, 2023 cve

Description

All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.

Reference

https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-4058657 https://github.com/jonschlinkert/word-wrap/blob/master/index.js%23L39 https://security.snyk.io/vuln/SNYK-JS-WORDWRAP-3149973

Share on: