CVE-2015-9239: Improper Input Validation

September 1, 2020 (updated January 14, 2021)

ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.

References

github.com/advisories/GHSA-c2v2-7rcg-2ch7
nodesecurity.io/advisories/51
nvd.nist.gov/vuln/detail/CVE-2015-9239
www.npmjs.com/advisories/51

Code Behaviors & Features

Detect and mitigate CVE-2015-9239 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →