3 matches found
CVE-2019-12041
lib/common/htmlre.js in remarkable 1.7.1 allows Regular Expression Denial of Service ReDoS via a CDATA section...
@abdelilah/react-rich-text (=0.0.1), @bemit/flood-admin (>=0.1.2 <=0.1.6) +36 more potentially affected by CVE-2019-12041 via remarkable (>=1.3.0 <=1.7.1)
remarkable NPM version =1.3.0, =0.1.2, =0.1.0, =0.1.0, =4.0.0, =5.17.1, =1.1.2, =0.0.23, =0.0.23, =0.1.0, =2.0.0-beta0, =0.1.9, =0.2.1 - docpack =1.0.0-alpha and more Source cves: CVE-2019-12041 Source advisory: OSV:GHSA-Q22G-8FR4-QPJ4...
CVE-2019-12041
Affected software: remarkable 1.7.1, with vulnerable code in lib/common/html_re.js. The CVE describes a Regular Expression Denial of Service (ReDoS) via a CDATA section in that file. The vulnerability could allow an attacker to craft input inside the CDATA tag that drives the regex engine to high...