find-my-way is a fast, open source HTTP router, internally using a Radix Tree (aka compact Prefix Tree), supports route params, wildcards, and it's framework independent. A bad regular expression is generated any time one has two parameters within a single segment, when adding a `-` at the end, like `/:a-:b-`. This may cause a denial of service in some instances. Users are advised to update to find-my-way v8.2.2 or v9.0.1. or subsequent versions. There are no known workarounds for this issue.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| find-my-way(npm) | 5.5.0 | 8.2.2 | N/A |
| find-my-way(npm) | 9.0.0 | 9.0.1 | N/A |
CVSS Metrics
