EPSS
Percentile
38.2%
is_js is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for url matching in is.js allowing an attacker to crash the application by providing malicious urls.
is.js
github.com/arasatasaygin/is.js/issues/320
securitylab.github.com/advisories/GHSL-2020-295-redos-is.js
securitylab.github.com/advisories/GHSL-2020-295-redos-is.js/