Vulnerabilities

CVE-2021-23346

by Fred · 04/03/2021

This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process.

Date published : 2021-03-04

https://github.com/HenrikJoreteg/html-parse-stringify/blob/master/lib/parse.js%23L2

https://github.com/HenrikJoreteg/html-parse-stringify/commit/c7274a48e59c92b2b7e906fedf9065159e73fe12

Similar

Tags: Cybersecurity Alert