5 matches found
Fedora 32 : marked (2020-d714c08261)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2020-d714c08261 advisory. New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs- marked. I tested upgrades from both, but m...
Fedora 31 : marked (2020-5eca570e16)
The remote Fedora 31 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2020-5eca570e16 advisory. New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs- marked. I tested upgrades from both, but m...
08cms (=1.0.0), 0ad-tools (=0.0.1) +8809 more potentially affected by CVE-2015-8854 via marked (>=0.0.1 <=0.3.3)
marked NPM version =0.0.1, =0.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2015-8854 Source advisory: OSV:GHSA-HJCP-J389-59FF...
CVE-2015-8854
The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service CPU consumption via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service ReDoS."...
CVE-2015-8854
CVE-2015-8854 details (concrete): The vulnerability affects the Node.js marked module prior to 0.3.4. It enables a denial of service (CPU exhaustion) via unspecified vectors that trigger a catastrophic backtracking issue in the Em inline rule, i.e., a ReDoS. Affected products in public docs inclu...