debricked / sylius-billogram-plugin

Adds a Sylius gateway for Billogram.
MIT License

A new vulnerability was discovered: CVE-2021-23362 #1

Open debricked[bot] opened 3 years ago

debricked[bot] commented 3 years ago

The package hosted-git-info before 3.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS) via shortcutMatch in fromUrl().

Read more at Debricked: https://app.debricked.com/en/service/vulnerability/212316