Lucene search
China National Vulnerability DatabaseCNVD-2022-77004HistoryJun 09, 2022 - 12:00 a.m.
npm markdown-link-extractor denial-of-service vulnerability
2022-06-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
0.001 Low
EPSS
Percentile
37.0%
npm markdown-link-extractor is used to extract links from Markdown text. npm markdown-link-extractor versions prior to 3.0.2 and 4.0.0 contain a denial of service vulnerability that stems from not properly handling incoming error messages, which could be exploited by an attacker to cause a denial of service in the application. exploit this vulnerability to cause a denial of service of the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| npm markdown-link-extractor | lt | 3.0.2 | |
| npm markdown-link-extractor | eq | 4.0.0 |
Related
cve
cve
CVE-2021-43308
2022-06-02 14:15:31
osv
osv
CVE-2021-43308
2022-06-02 14:15:31
Regular expression denial of service in markdown-link-extractor
2022-06-03 00:01:00
nvd
nvd
CVE-2021-43308
2022-06-02 14:15:31
prion
prion
Design/Logic Flaw
2022-06-02 14:15:00
cvelist
cvelist
CVE-2021-43308 Exponential ReDoS in markdown-link-extractor
2022-05-29 00:00:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-06-03 05:29:49
github
github
Regular expression denial of service in markdown-link-extractor
2022-06-03 00:01:00