Yeting Li

icon indicating a website link https://yetingli.github.io/

icon company IIE CAS icon location Beijing, China

Results 6 comments of Yeting Li

Trying to get in touch regarding a security issue

Hi John @jfsiii , recently I found a potential ReDoS vulnerability inside `chromath` and made a patch for it. I hope these can help you. You can access the vulnerability...

ReDoS in node-ical

Sorry, I don't have permission to make this security report public on huntr. Only after this report is confirmed can it be made public. You can use your GitHub account...

ReDoS in node-ical

Others suggested that I should do a responsible disclosure, that is, I should not open an issue until the report has been validated. Once the report is made public, but...

ReDoS in node-ical

Thank you for your understanding! I would like to report a Regular Expression Denial of Service (ReDoS) vulnerability. It allows cause a denial of service when calling `parseICS`. **Proof of...

ReDoS in node-ical

A relatively simple patch, you can use the package `re2` (https://www.npmjs.com/package/re2). I hope this can help you.

Trying to get in touch regarding a security issue

Hey Steve, recently I found a potential ReDoS vulnerability inside `html-comment-regex`, I made a patch for it and hope you are happy to receive this fix. You can access the...