4 matches found
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service (CVE-2026-2327)
Summary Node.js module markdown-it is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to regular expression denial of service ReDoS. This bulletin provides...
CVE-2026-2327 vulnerabilities
Vulnerabilities for packages: kibana, renovate, semaphore, vitess...
CVE-2026-2327
A flaw was found in markdown-it. A remote attacker can exploit this Regular Expression Denial of Service ReDoS vulnerability by providing a specially crafted input containing a long sequence of asterisk characters followed by a non-matching character to the linkify function. This triggers excessi...
CVE-2026-2327
The CVE-2026-2327 case concerns the markdown-it package. Affected versions: 13.0.0 through 14.1.0 (and up to 14.1.1 as fixed) are vulnerable to a Regular Expression Denial of Service in the linkify function due to the regex /*$/ used for links; an attacker can provide a long sequence of * follow...