vulnerability in requarks project #7689
Unanswered
ankitdn
asked this question in
Error / Bug Report
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
While working on requarks project, I discovered a Regex Denial of Service (ReDoS) vulnerability CVE-2025-45143 in the string-math npm package (this dependency used by requarks). The flaw allows specially crafted input to trigger catastrophic regex backtracking, leading to high CPU usage and potential application crashes.
CVE Link
CVE Report
Beta Was this translation helpful? Give feedback.
All reactions