html-parse-stringify2 is vulnerable to regular express denial of service (ReDoS). The vulnerability exists through the regular expression of tagRE
where parsing strings with multiple '
and "
can consume huge amount of CPU resources.
CPE | Name | Operator | Version |
---|---|---|---|
html-parse-stringify2 | le | 2.0.0 |