GHSA-3X8R-X6XP-Q4VM Uncontrolled Recursion in Loofah

Summary Loofah = 2.2.0, = 2.19.1. Users who are unable to upgrade may be able to mitigate this vulnerability by limiting the length of the strings that are sanitized. Severity The Loofah maintainers have evaluated this as High Severity 7.5 CVSS3.1. References - CWE - CWE-674: Uncontrolled Recursi...

Denial of Service in Page Error Handling

Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C 5.5 CWE-405, CWE-674 Status: DRAFT Problem Requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as error message from another page. This leads to a...