3 matches found
CVE-2021-32723
PrismJS Prism before v1.24.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when highlighting untrusted text. Specifically, ASCIIDoc and ERB are susceptible to crafted input that can cause excessive highlighting time; other languages are not affected. The vulnerability has been fix...
CVE-2021-3801
CVE-2021-3801 : Prismjs Prism vulnerable to a denial of service via inefficient regular expression complexity. A crafted input (e.g., crafted HTML comment) can trigger high CPU usage in Prism highlighting. Affected: Prismjs components relying on regex for highlighting. No exploits/vectors detaile...
CVE-2021-23341
CVE-2021-23341 : PrismJS before 1.23.0 is vulnerable to a Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap, and prism-eiffel components. Connected advisories/tracking confirm the affected package and remediation guidance. Remediation: upgrade PrismJS to v...