Regular Expression Denial Of Service (ReDoS)

Cattown is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability is due to the use of inefficient regular expressions with potentially exponential backtracking complexity, which allows an attacker to craft malicious markdown inputs that cause excessive CPU usage and lead to...

league/commonmark's quadratic complexity bugs may lead to a denial of service

Impact Several polynomial time complexity issues in league/commonmark may lead to unbounded resource exhaustion and subsequent denial of service. Malicious users could trigger that inefficient code with carefully crafted Markdown inputs that are specifically designed to ensure the worst-case...