CVE-2022-25858

The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.

References

Affected packages

Git / github.com/terser/terser

Affected ranges

Type: GIT
Repo: https://github.com/terser/terser
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a4da7349fdc92c05094f41d33d06d8cd4e90e76b

Fixed

d8cc5691be980d663c29cc4d5ce67e852d597012

Affected versions

3.*

3.10.11

harmony-v2.*

harmony-v2.7.5

harmony-v2.8.0

harmony-v2.8.10

harmony-v2.8.11

harmony-v2.8.12

harmony-v2.8.13

harmony-v2.8.14

harmony-v2.8.15

harmony-v2.8.17

harmony-v2.8.19

harmony-v2.8.2

harmony-v2.8.21

harmony-v2.8.22

harmony-v2.8.4

harmony-v2.8.5

harmony-v2.8.7

harmony-v3.*

harmony-v3.0.0

harmony-v3.0.1

harmony-v3.0.10

harmony-v3.0.11

harmony-v3.0.12

harmony-v3.0.13

harmony-v3.0.14

harmony-v3.0.15

harmony-v3.0.17

harmony-v3.0.18

harmony-v3.0.19

harmony-v3.0.2

harmony-v3.0.20

harmony-v3.0.21

harmony-v3.0.22

harmony-v3.0.23

harmony-v3.0.24

harmony-v3.0.25

harmony-v3.0.26

harmony-v3.0.27

harmony-v3.0.28

harmony-v3.0.3

harmony-v3.0.4

harmony-v3.0.5

harmony-v3.0.6

harmony-v3.0.7

harmony-v3.0.8

harmony-v3.0.9

harmony-v3.1.0

harmony-v3.1.1

harmony-v3.1.10

harmony-v3.1.2

harmony-v3.1.3

harmony-v3.1.4

harmony-v3.1.5

harmony-v3.1.6

harmony-v3.1.7

harmony-v3.1.8

harmony-v3.1.9

harmony-v3.2.0

harmony-v3.2.1

harmony-v3.2.2

harmony-v3.3.0

harmony-v3.3.1

harmony-v3.3.10

harmony-v3.3.2

harmony-v3.3.3

harmony-v3.3.4

harmony-v3.3.5

harmony-v3.3.6

harmony-v3.3.7

harmony-v3.3.8

harmony-v3.3.9

v2.*

v2.0

v2.1

v2.1.1

v2.1.10

v2.1.11

v2.1.2

v2.1.3

v2.1.4

v2.1.5

v2.1.6

v2.1.7

v2.1.8

v2.1.9

v2.2.0

v2.2.1

v2.2.2

v2.2.3

v2.2.4

v2.2.5

v2.3

v2.3.0

v2.3.1

v2.3.2

v2.3.3

v2.3.4

v2.3.5

v2.3.6

v2.4.0

v2.4.1

v2.4.10

v2.4.11

v2.4.12

v2.4.13

v2.4.14

v2.4.15

v2.4.16

v2.4.18

v2.4.19

v2.4.2

v2.4.20

v2.4.21

v2.4.22

v2.4.23

v2.4.24

v2.4.3

v2.4.4

v2.4.5

v2.4.6

v2.4.7

v2.4.8

v2.4.9

v2.5.0

v2.6.0

v2.6.1

v2.6.2

v2.6.3

v2.6.4

v2.7.0

v2.7.1

v2.7.2

v2.7.3

v2.7.4

v2.7.5

v2.8.0

v2.8.1

v2.8.10

v2.8.11

v2.8.12

v2.8.13

v2.8.14

v2.8.15

v2.8.16

v2.8.17

v2.8.18

v2.8.19

v2.8.2

v2.8.20

v2.8.21

v2.8.22

v2.8.3

v2.8.4

v2.8.5

v2.8.6

v2.8.7

v2.8.8

v2.8.9

v3.*

v3.0.0

v3.0.1

v3.0.10

v3.0.11

v3.0.12

v3.0.13

v3.0.14

v3.0.15

v3.0.16

v3.0.17

v3.0.18

v3.0.19

v3.0.2

v3.0.20

v3.0.21

v3.0.22

v3.0.23

v3.0.24

v3.0.25

v3.0.26

v3.0.27

v3.0.28

v3.0.3

v3.0.4

v3.0.5

v3.0.6

v3.0.7

v3.0.8

v3.0.9

v3.1.0

v3.1.1

v3.1.10

v3.1.2

v3.1.3

v3.1.4

v3.1.5

v3.1.6

v3.1.7

v3.1.8

v3.1.9

v3.10.0

v3.10.1

v3.10.10

v3.10.11

v3.10.12

v3.10.13

v3.10.2

v3.10.3

v3.10.4

v3.10.5

v3.10.6

v3.10.7

v3.10.8

v3.11.0

v3.12.0

v3.13.0

v3.13.1

v3.14.0

v3.14.1

v3.16.0

v3.16.1

v3.17.0

v3.2.0

v3.2.1

v3.2.2

v3.3.0

v3.3.1

v3.3.10

v3.3.2

v3.3.3

v3.3.4

v3.3.5

v3.3.6

v3.3.7

v3.3.8

v3.3.9

v3.7.7

v3.7.8

v3.8.0

v3.8.1

v3.8.2

v3.9.1

v3.9.2

v3.9.3

v4.*

v4.0.0

v4.0.1

v4.0.2

v4.1.0

v4.1.2

v4.1.3

v4.2.1

v4.3.0

v4.3.1

v4.3.10

v4.3.11

v4.3.2

v4.3.3

v4.3.4

v4.3.6

v4.3.7

v4.3.8

v4.3.9

v4.4.0

v4.4.1

v4.4.2

v4.4.3

v4.5.0

v4.6.0

v4.6.1

v4.6.10

v4.6.11

v4.6.12

v4.6.13

v4.6.2

v4.6.3

v4.6.4

v4.6.5

v4.6.6

v4.6.8

v4.6.9

v4.7.0

v4.8.0

v5.*

v5.0.0

v5.1.0

v5.10.0

v5.11.0

v5.12.0

v5.12.1

v5.13.0

v5.13.1

v5.14.0

v5.14.1

v5.2.0

v5.2.1

v5.3.0

v5.3.1

v5.3.2

v5.3.3

v5.3.4

v5.3.5

v5.3.6

v5.3.7

v5.3.8

v5.4.0

v5.5.0

v5.5.1

v5.6.0

v5.6.1

v5.7.0

v5.7.1

v5.7.2

v5.8.0

v5.9.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25858.json"