Regular Expression Denial of Service (ReDoS)
madnight opened this issue · comments
Regular Expression Denial of Service (ReDoS)
Vulnerable module: highcharts
Introduced through: react-highcharts@16.0.2
Introduced through: react-highcharts@16.0.2 › highcharts@6.0.7
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks. This can cause an impact of about 10 seconds matching time for data 200K characters long.
Analysis by: https://snyk.io/test/github/kirjs/react-highcharts?severity=high&severity=medium&severity=low
Het @madnight thanks for reporting, looks like this is coming from the latest version of highcharts, have you tried reporting it there?