npm vulnerability intelligence

hosted-git-info NPM Package
Vulnerability Check

Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab

Moderate ISC v10.1.1
Vulnerability Analysis OSV Live

hosted-git-info

v10.1.1 · ISC · 78,114,827 dl/wk

Advisory Breakdown

Critical 0
High 0
Moderate 1
Low 0

Severity Rating

Moderate

1 advisory

Moderate

Weekly downloads

78,114,827

Total advisories

1

Latest version

10.1.1

License

ISC

Advisories Package Info Runtime

Known advisories

OSV records for the npm ecosystem

1
GHSA-43f8-2h32-f4cj CVE-2021-23362 moderate

Regular Expression Denial of Service in hosted-git-info

Affected: >=0 <2.8.9, >=3.0.0 <3.0.8 Fixed in: 2.8.9, 3.0.8 Updated Jan 14, 2025
View source

Checked Jun 12, 2026, 6:23 PM from npm and OSV.dev

Package metadata

From the npm registry

Package name
hosted-git-info
Ecosystem
npm
Latest version
10.1.1
License
ISC
Weekly downloads
78,114,827
Repository
Open repository

Remediation boundary

What RequestGuard does — and doesn't — cover

RequestGuard does not fix npm package vulnerabilities. Dependency remediation happens through package updates, patches, lockfile changes, and maintainer guidance. RequestGuard can help mitigate runtime abuse around exposed web and API flows while remediation is handled separately.

Signup flows
Login attempts
API traffic

Protect runtime flows →

Allow, challenge, review, and block decisions for exposed endpoints.

Data from npm registry and OSV.dev · Checked 6/12/2026, 6:23:06 PM