Description
OWASP:
The Regular expression Denial of Service (ReDoS) is a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size).
Recommendation
Update the @highlightjs/cdn-assets package to the latest compatible version. Version details:
- Affected version(s): < 10.4.1
- Patched version(s): 10.4.1
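One way to check a project's npm lockfile against the version range above. This is an added example, not part of the advisory or the highlight.js project; the sample lockfile and the package names `theme` and `legacy` are constructed.

```javascript
const PKG = "@highlightjs/cdn-assets";
const PATCHED = "10.4.1"; // from the advisory: affected < 10.4.1

// Parse "MAJOR.MINOR.PATCH[-prerelease][+build]"; returns null for anything else.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/.exec(String(v).trim());
  return m ? { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: m[4] || null } : null;
}

// true = below PATCHED, false = patched, null = not a plain version (review by hand).
function isAffected(version) {
  const a = parseVersion(version), b = parseVersion(PATCHED);
  if (!a) return null;
  for (let i = 0; i < 3; i++) {
    if (a.nums[i] !== b.nums[i]) return a.nums[i] < b.nums[i];
  }
  return a.pre !== null; // 10.4.1-rc.1 sorts before 10.4.1, so it is still affected
}

// Collect every installed copy of PKG, including copies nested under other packages.
function scanLockfile(lockText) {
  const lock = JSON.parse(lockText);
  const found = [];
  const suffix = `node_modules/${PKG}`;
  if (lock.packages) { // lockfileVersion 2/3: flat map keyed by install path
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === suffix || path.endsWith("/" + suffix)) found.push({ where: path, version: meta.version });
    }
  } else { // lockfileVersion 1: nested "dependencies" tree
    (function walk(deps, trail) {
      for (const [name, meta] of Object.entries(deps || {})) {
        const where = trail ? `${trail} > ${name}` : name;
        if (name === PKG) found.push({ where, version: meta.version });
        walk(meta.dependencies, where);
      }
    })(lock.dependencies, "");
  }
  return found.map((f) => ({ ...f, affected: isAffected(f.version) }));
}

// Constructed sample lockfile; "theme" and "legacy" are hypothetical packages.
const SAMPLE_LOCK = JSON.stringify({
  lockfileVersion: 3,
  packages: {
    "node_modules/@highlightjs/cdn-assets": { version: "10.4.0" },
    "node_modules/theme/node_modules/@highlightjs/cdn-assets": { version: "10.4.1" },
    "node_modules/legacy/node_modules/@highlightjs/cdn-assets": { version: "10.4.1-rc.1" },
  },
});
console.log(scanLockfile(SAMPLE_LOCK));
```

Nested copies matter here: updating the top-level dependency does not replace a vulnerable copy pinned under another package's `node_modules`.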
Related Issues
- Prototype Pollution in jquery-deparam - CVE-2021-20087
- files.photo.gallery command injection - CVE-2024-53615
- Potential XSS vulnerability in jQuery - CVE-2020-11023
- mapshaper Path Traversal vulnerability - CVE-2024-1163
Tags: npm, @highlightjs/cdn-assets
Last updated on January 09, 2023