Description
This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time.
Remediation
References
https://github.com/Tjatse/ansi-html/issues/19
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567198
https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849
Related Vulnerabilities
CVE-2022-0868 Vulnerability in npm package urijs
CVE-2022-24815 Vulnerability in npm package generator-jhipster
CVE-2023-27602 Vulnerability in maven package org.apache.linkis:linkis-storage-script-dev-server
CVE-2014-9772 Vulnerability in npm package validator
CVE-2020-15231 Vulnerability in maven package org.mapfish.print:print-lib