2 matches found
The vulnerability of the Marked compiler/analyzer, related to incorrect processing of regular expressions, allows a hacker to trigger a service failure.
The vulnerability of the Marked compiler and analyzer is related to the incorrect processing of the regular expression inline.reflinkSearch. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
GHSA-5V2H-R2CX-5XGJ Inefficient Regular Expression Complexity in marked
Impact What kind of vulnerability is it? Denial of service. The regular expression inline.reflinkSearch may cause catastrophic backtracking against some strings. PoC is the following. javascript import as marked from 'marked'; console.logmarked.parsex: x \\; Who is impacted? Anyone who runs...