SNYK Security Vulnerablity: ReDoS #47
Comments
|
Hey. Is development on this project active at all? If so, is this issue going to be addressed anytime soon? |
abdvl
added a commit
to abdvl/datahub
that referenced
this issue
Sep 17, 2021
Update remove-markdown package to @tommoor/remove-markdown due to security issue. zuchka/remove-markdown#47
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
See https://snyk.io/vuln/SNYK-JS-REMOVEMARKDOWN-73635
Summary:
Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.
The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.
The text was updated successfully, but these errors were encountered: