GHSA-9qj9-36jm-prpv
GitHub Security Advisory
Regular Expression Denial of Service in fresh
✓ GitHub Reviewed
HIGH
Has CVE
Advisory Details
Affected versions of `fresh` are vulnerable to regular expression denial of service when parsing specially crafted user input.
## Recommendation
Update to version 0.5.2 or later.
Affected Packages
npm
fresh
Affected versions:
0
(fixed in 0.5.2)
Related CVEs
Key Information
7.5
/10
Dataset
Last updated: July 2, 2025 6:26 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.