Npmjs: >> Hosted-Git-Info Security Vulnerabilities
The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.
CVSS Score
5.3
EPSS Score
0.004
Published
2021-03-23