bevacqua/insane

Releases14

Frequency1 month 1 week

Last Release over 9 years ago

Stars483

:pouting_cat: Lean and configurable whitelist-oriented HTML sanitizer

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-26303 ↗	Oct 26, 2024Saturday, 26 October 2024, 21:15	7.5 HIGH	—
insane is a whitelist-oriented HTML sanitizer. Versions 2.6.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.