Lucene search
GoogleOSV:CVE-2022-37620HistoryOct 31, 2022 - 12:15 p.m.
CVE-2022-37620
2022-10-3112:15:10
Google
osv.dev
8
cve-2022-37620
kangax html-minifier
htmlminifier.js
software
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.3%
A Regular Expression Denial of Service (ReDoS) flaw was found in kangax html-minifier 4.0.0 via the candidate variable in htmlminifier.js.
Related
cve
cve
CVE-2022-37620
2022-10-31 12:15:10
github
github
kangax html-minifier REDoS vulnerability
2022-10-31 19:00:36
cvelist
cvelist
CVE-2022-37620
2022-10-31 00:00:00
nvd
nvd
CVE-2022-37620
2022-10-31 12:15:10
prion
prion
Hardcoded credentials
2022-10-31 12:15:00
osv
osv
kangax html-minifier REDoS vulnerability
2022-10-31 19:00:36
cnvd
cnvd
HTMLMinifier Denial of Service Vulnerability
2022-11-02 00:00:00
ibm
ibm
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.3%
Related for OSV:CVE-2022-37620