6 matches found
CVE-2024-1899
An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...
Race condition
An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...
CVE-2024-1899
An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...
CVE-2024-1899 Showdownjs Denial of Service
An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...
PT-2024-18406
Name of the Vulnerable Software and Affected Versions Showdownjs versions = 2.1.0 Description An issue in the anchors subparser could allow a remote attacker to cause denial of service conditions. Recommendations For versions = 2.1.0, update to a version greater than 2.1.0 to resolve the issue. A...
Regular Expression Denial of Service (ReDoS)
Overview org.webjars.npm:showdown is a JavaScript Markdown to HTML converter. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the anchors subparser in anchors.js AKA links.js. PoC time node -e '/?:^|^\ ??:\n ?.?/g.test"".repeat9999' Details...