Description
This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time.
Remediation
References
https://github.com/Tjatse/ansi-html/issues/19
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198
https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849
Related Vulnerabilities
CVE-2011-2087 Vulnerability in maven package org.apache.struts:struts2-javatemplates-plugin
CVE-2020-2258 Vulnerability in maven package org.jenkins-ci.plugins:cloudbees-jenkins-advisor
CVE-2023-47327 Vulnerability in maven package org.silverpeas.core:silverpeas-core-web
CVE-2019-16303 Vulnerability in npm package generator-jhipster-kotlin