logo

Database

Improper resource allocation In ansi-html

Description

Uncontrolled Resource Consumption in ansi-html This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2021-234242. NVD-2021-234243. OSV-2021-234244. GHSA-4fjc-8q3h-8r695. GCVE-2021-23424

References

1. https://github.com/ioet/time-tracker-ui/security/advisories/GHSA-4fjc-8q3h-8r692. https://github.com/Tjatse/ansi-html/issues/193. https://github.com/Tjatse/ansi-html/commit/8142b25bca3133ea060bcc1889277dc482327a63

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.