Hi, On Thu, Sep 30, 2021 at 07:58:31PM +0100, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Tue, 2021-09-21 at 14:49 +0200, Yadd wrote: > > node-prismjs is vulnerable to a Regex Denial of Service (ReDoS) > > (CVE-2021-40438) > > > > According to the Security Tracker, that's an Apache mod-proxy issue.
Looks this was typoed, and the right CVE mentioned whould be CVE-2021-3801 (whereas the commit used is as per CVE-2021-3801, https://github.com/prismjs/prism/commit/0ff371bb4775a131634f47d0fe85794c547232f9). Regards, Salvatore
