The package sanitize-html before... CVE-2022-25887

- AV AC AU C I A
发布: 2022-08-30
修订: 2023-08-08

The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息