Lucene search

K
githubGitHub Advisory DatabaseGHSA-65XH-HH78-6454
HistoryMay 15, 2024 - 6:03 p.m.

Denial of Service in extension "Code Highlight" (codehighlight)

2024-05-1518:03:12
GitHub Advisory Database
github.com
3
code highlight
extension
vulnerability
redos
prism
javascript
denial of service

7 High

AI Score

Confidence

High

The codehighlight extension bundles a vulnerable version of the 3rd party JavaScript component “prism” which is known to be vulnerable against Regular expression Denial of Service (ReDoS).

Affected configurations

Vulners
Node
brotkruemlcodehighlightRange<2.7.0
CPENameOperatorVersion
brotkrueml/codehighlightlt2.7.0

7 High

AI Score

Confidence

High