CVE-2021-23346 – Regular Expression Denial of Service (ReDoS)

https://notcve.org/view.php?id=CVE-2021-23346

04 Mar 2021 — This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process. Esto afecta al paquete html-parse-stringify versiones anteriores a 2.0.1; todas las versiones del paquete html-parse-stringify2. Enviando determinada entrada podría causar que una de las expresiones regulares que son usadas para analizar el retroceso, congele el proces... • https://github.com/HenrikJoreteg/html-parse-stringify/blob/master/lib/parse.js%23L2 • CWE-400: Uncontrolled Resource Consumption •