Description
all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service.
Remediation
References
https://github.com/kevva/url-regex/issues/70
https://snyk.io/vuln/SNYK-JS-URLREGEX-569472
Related Vulnerabilities
CVE-2019-10808 Vulnerability in npm package utilitify
CVE-2023-29524 Vulnerability in maven package org.xwiki.platform:xwiki-platform-scheduler-ui
CVE-2016-8744 Vulnerability in maven package org.apache.brooklyn:brooklyn
CVE-2020-7656 Vulnerability in npm package jquery
CVE-2020-7238 Vulnerability in maven package io.netty:netty-codec-http