CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-45143: string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.
Description
string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.
Classification
CVE ID: CVE-2025-45143
Affected Products
Vendor: n/a
Product: n/a
References
https://nvd.nist.gov/vuln/detail/CVE-2025-45143https://www.npmjs.com/package/string-math%2C
https://github.com/devrafalko/string-math/blob/master/string-math.js
https://gist.github.com/6en6ar/361608bccedb808061359481fe2f1b39