Commit b79205f
UID2-6838: upgrade path-to-regexp to fix CVE-2026-4926 DoS
Upgrades path-to-regexp from 8.2.0 to 8.4.1 to fix GHSA-j3q9-mxjg-w52f
(CVE-2026-4926), a HIGH severity DoS vulnerability where sequential optional
route groups cause exponential regex expansion.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>1 parent 57db55d commit b79205f
2 files changed
Lines changed: 9 additions & 7 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
76 | 76 | | |
77 | 77 | | |
78 | 78 | | |
79 | | - | |
| 79 | + | |
80 | 80 | | |
81 | 81 | | |
82 | 82 | | |
| |||
0 commit comments