A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 when the mpmathify function is called. https://github.com/npm/hosted-git-info/pull/76 https://github.com/yetingli/PoCs/blob/main/CVE-2021-29063/Mpmath.md https://github.com/yetingli/SaveResults/blob/main/js/hosted-git-info.js https://www.npmjs.com/package/hosted-git-info
Created python-mpmath tracking bugs for this issue: Affects: epel-7 [bug 1974836] Affects: fedora-all [bug 1974835]