Lucene search

K
osvGoogleOSV:GHSA-545Q-3FG6-48M7
HistoryMar 18, 2021 - 7:39 p.m.

html-parse-stringify and html-parse-stringify2 vulnerable to Regular expression denial of service (ReDoS)

2021-03-1819:39:31
Google
osv.dev
6

0.003 Low

EPSS

Percentile

69.6%

This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process.

0.003 Low

EPSS

Percentile

69.6%