Vulnerability — CVE-2022-37620

CVE-2022-37620

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-37620
Description:: A Regular Expression Denial of Service (ReDoS) flaw was found in kangax html-minifier 4.0.0 via the candidate variable in htmlminifier.js.
Last updated date:: 08/08/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/01/2022
Reference url to background: https://github.com/kangax/html-minifier/blob/51ce10f4daedb1de483ffbcccecc41be1c873da2/src/htmlminifier.js#L1338

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/01/2022
Reference url to background: https://github.com/kangax/html-minifier/blob/51ce10f4daedb1de483ffbcccecc41be1c873da2/src/htmlminifier.js#L294