npm/hosted-git-info

Releases76

Frequency1 month 3 weeks

Last Release 16 days ago

Stars236

Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-29063 ↗	Jun 21, 2021Monday, 21 June 2021, 20:15	7.5 HIGH	5 MEDIUM
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.
CVE-2021-23362 ↗	Mar 23, 2021Tuesday, 23 March 2021, 17:15	5.3 MEDIUM	5 MEDIUM
The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.