Skip to content

v5.0.1

Compare
Choose a tag to compare
@Qix- Qix- released this 14 Sep 15:59
· 9 commits to main since this release

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

  • Fix ReDoS in certain cases (#37)
    You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @yetingli for the patch and reproduction case!