Incorrect Regular Expression in steal - CVE-2022-37262
Published: September 20, 2022
steal
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing regular expressions in the source and sourceWithComments variable in main.js. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.