VYPR

npm package

bleach

pkg:npm/bleach

Vulnerabilities (1)

  • CVE-2014-8881medSep 1, 2020
    affected >= 0.0.0

    All versions of the `bleach` package are vulnerable to a regular expression denial of service attack when certain types of input are passed into the sanitize function. ## Recommendation The `bleach` package is not currently maintained, and has not seen an update since 2014.