Releases77
Frequency1 month 3 weeks
Last Release
Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
7.5 HIGH5 MEDIUM

A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.

>= 2.0.0, < 2.8.9, >= 3.0.0, < 3.0.85.3 MEDIUM5 MEDIUM

The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.