Skip to content

html-minifier - kangax html-minifier REDoS vulnerabilityΒ #1241

New issue
New issue
Open
Open
html-minifier - kangax html-minifier REDoS vulnerability#1241
@Harshroc

Description

@Harshroc
Harshroc
opened on Jan 27, 2025

Vulnerability - Severity High
This is a vulnerability issue in @nestjs-modules/mailer version 2.0.2.

It is due to html-minifier library.

@nestjs-modules/mailer 2.0.2
└─┬ mjml 4.15.3
β”œβ”€β”¬ mjml-cli 4.15.3
β”‚ β”œβ”€β”€ html-minifier 4.0.0
β”‚ └─┬ mjml-core 4.15.3
β”‚ └── html-minifier 4.0.0
β”œβ”€β”¬ mjml-core 4.15.3
β”‚ └── html-minifier 4.0.0
└─┬ mjml-preset-core 4.15.3
β”œβ”€β”¬ mjml-accordion 4.15.3
β”‚ └─┬ mjml-core 4.15.3
β”‚ └── html-minifier 4.0.0
β”œβ”€β”¬ mjml-body 4.15.3
β”‚ └─┬ mjml-core 4.15.3
β”‚ └── html-minifier 4.0.0
β”œβ”€β”¬ mjml-button 4.15.3
β”‚ └─┬ mjml-core 4.15.3
β”‚ └── html-minifier 4.0.0
β”œβ”€β”¬ mjml-carousel 4.15.3
β”‚ └─┬ mjml-core 4.15.3
β”‚ └── html-minifier 4.0.0
β”œβ”€β”¬ mjml-column 4.15.3
β”‚ └─┬ mjml-core 4.15.3
β”‚ └── html-minifier 4.0.0
β”œβ”€β”¬ mjml-divider 4.15.3
β”‚ └─┬ mjml-core 4.15.3
β”‚ └── html-minifier 4.0.0
└─┬ mjml-group 4.15.3
└─┬ mjml-core 4.15.3
└── html-minifier 4.0.0

Can you please update or use another library. Or can provide any other alternative to send email through SMTP

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions