Description
The riot-compiler version version 2.3.21 has an issue in a regex (Catastrophic Backtracking) thats make it unusable under certain conditions.
Remediation
References
https://nodesecurity.io/advisories/86
https://github.com/riot/compiler/issues/46
Related Vulnerabilities
CVE-2022-34115 Vulnerability in maven package io.dataease:dataease-plugin-common
CVE-2019-19771 Vulnerability in npm package bpi66
CVE-2019-10174 Vulnerability in maven package org.infinispan:infinispan-commons
CVE-2022-1243 Vulnerability in maven package org.webjars.bower:urijs
CVE-2023-46604 Vulnerability in maven package org.apache.activemq:activemq-openwire-legacy