Skip to content

html-minifier - kangax html-minifier REDoS vulnerability #1241

Open
@Harshroc

Description

@Harshroc

Vulnerability - Severity High
This is a vulnerability issue in @nestjs-modules/mailer version 2.0.2.

It is due to html-minifier library.

@nestjs-modules/mailer 2.0.2
└─┬ mjml 4.15.3
├─┬ mjml-cli 4.15.3
│ ├── html-minifier 4.0.0
│ └─┬ mjml-core 4.15.3
│ └── html-minifier 4.0.0
├─┬ mjml-core 4.15.3
│ └── html-minifier 4.0.0
└─┬ mjml-preset-core 4.15.3
├─┬ mjml-accordion 4.15.3
│ └─┬ mjml-core 4.15.3
│ └── html-minifier 4.0.0
├─┬ mjml-body 4.15.3
│ └─┬ mjml-core 4.15.3
│ └── html-minifier 4.0.0
├─┬ mjml-button 4.15.3
│ └─┬ mjml-core 4.15.3
│ └── html-minifier 4.0.0
├─┬ mjml-carousel 4.15.3
│ └─┬ mjml-core 4.15.3
│ └── html-minifier 4.0.0
├─┬ mjml-column 4.15.3
│ └─┬ mjml-core 4.15.3
│ └── html-minifier 4.0.0
├─┬ mjml-divider 4.15.3
│ └─┬ mjml-core 4.15.3
│ └── html-minifier 4.0.0
└─┬ mjml-group 4.15.3
└─┬ mjml-core 4.15.3
└── html-minifier 4.0.0

Can you please update or use another library. Or can provide any other alternative to send email through SMTP

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions