loader-utils is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for the resourcePath
variable in interpolateName.js
, allowing an attacker to crash the application by providing a malicious input