Regular Expression Denial of Service
Affected versions of
debug are vulnerable to regular expression denial of service when untrusted user input is passed into the
As it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.
Version 2.x.x: Update to version 2.6.9 or later. Version 3.x.x: Update to version 3.1.0 or later.