Regular Expression Denial of Service (ReDoS) [SNYK ISSUE]

[rushi-gaikwad-7]

package is vulnerable to Regular Expression Denial of Service (ReDoS) due to using an inefficient pattern when validating emails.

[lukecarr]

Updating to v3.22.3 resolves this. See PR #2824 and commit 2ba00fe for details.

[MateuszKikmunter]

This has been fixed here as @lukecarr mentioned above.

[H0llyW00dzZ]

SNYK still detect vulnerable about this package

[rushi-gaikwad-7]

I have updated to latest version(3.22.3) but still snyk detect vulnerability

[nestordabon]

Same issue still detect vulnerability scan

[colinhacks]

I have updated to latest version(3.22.3) but still snyk detect vulnerability

It's possible you have a metadependency (a dependency of a dependency) that's still using an older version of Zod. Or snyk /npm audit just hasn't been updated.