Vulnerability in Kap project

While working on Kap project, I discovered a Regex Denial of Service (ReDoS) vulnerability [CVE-2025-45143](https://vulert.com/vuln-db/CVE-2025-45143) in the string-math npm package (this dependency used by kap). The flaw allows specially crafted input to trigger catastrophic regex backtracking, leading to high CPU usage and potential application crashes. 

[CVE Link](https://vulert.com/vuln-db/CVE-2025-45143)
 [CVE Report](https://vulert.com/vuln-scan/list/b9588b82-0fdc-40ba-8aa6-2c766742a100?sort_order=desc&sort_by=created_at)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Vulnerability in Kap project #1252

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Vulnerability in Kap project #1252

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions