CVE-2025-45143 Information

Description

string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.

Reference

https://gist.github.com/6en6ar/361608bccedb808061359481fe2f1b39 https://github.com/devrafalko/string-math/blob/master/string-math.js https://www.npmjs.com/package/string-math%2C

Related CNNVD

CNNVD-202506-3775 (Published: 2025-06-30)