USN-8276-1: Highlight.js vulnerability
Source: Ubuntu
Published:
<p>It was discovered that Highlight.js used plain JavaScript objects for internal language name lookups, making them susceptible to prototype pollution attacks. An attacker could use this to cause a denial of service or unexpected application behaviour.</p> <p>It was discovered that Highlight.js use