Security audit of lol-html, Cloudflare's low-output-latency streaming HTML rewriter. Each finding includes a detailed write-up and a patch.
Total findings: 2 -- Medium: 2
| # | Finding | Severity |
|---|---|---|
| 001 | Unbounded namespace stack growth on nested foreign tags | Medium |
| 002 | nth-of-type counters bypass the memory limiter | Medium |