Lucene search

K
osvGoogleOSV:GHSA-4CV2-XC5F-PX8H
HistoryMay 15, 2024 - 6:03 p.m.

Denial of Service in extension "Code Highlight" (codehighlight)

2024-05-1518:03:37
Google
osv.dev
2
code highlight
vulnerable
prism
denial of service
redos

7 High

AI Score

Confidence

High

The codehighlight extension bundles a vulnerable version of the 3rd party JavaScript component “prism” which is known to be vulnerable against Regular expression Denial of Service (ReDoS).

7 High

AI Score

Confidence

High