VYPR

npm package

timespan

pkg:npm/timespan

Vulnerabilities (1)

  • CVE-2017-16115HigJun 7, 2018
    affected <= 2.3.0

    The timespan module is vulnerable to regular expression denial of service. Given 50k characters of untrusted user input it will block the event loop for around 10 seconds.