cli icon indicating copy to clipboard operation
cli copied to clipboard

Published 20 hours ago verified publisher icon sequelize

Any plan upgrading js-beautify from 1.14.0 to 1.14.1 for security issue?

Open zhhsun opened this issue 3 years ago • 0 comments

js-beautify is a reformat and re-indent bookmarklets, ugly JavaScript, unpack scripts packed by Dean Edward’s popular packer, as well as partly deobfuscate scripts processed by the npm package "javascript-obfuscator".

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to an unsafe regex in tokenizer.py and tokenizer.js.

https://security.snyk.io/vuln/SNYK-JS-JSBEAUTIFY-2311652

zhhsun avatar Aug 01 '22 06:08 zhhsun