-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SNYK Security Vulnerablity: ReDoS #47
Comments
Hey. Is development on this project active at all? If so, is this issue going to be addressed anytime soon? |
abdvl
added a commit
to abdvl/datahub
that referenced
this issue
Sep 17, 2021
Update remove-markdown package to @tommoor/remove-markdown due to security issue. zuchka/remove-markdown#47
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
See https://snyk.io/vuln/SNYK-JS-REMOVEMARKDOWN-73635
Summary:
Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.
The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.
The text was updated successfully, but these errors were encountered: