Lucene search
K

92 matches found

OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-23314 Malicious code in ionosphere-prettier-plugin-markdown-yonder-chai (npm)

The package ionosphere-prettier-plugin-markdown-yonder-chai was found to contain malicious code...

7.2AI score
Exploits0
Node.js
Node.js
added 2021/02/23 1:44 a.m.67 views

Regular Expression Denial of Service

Overview In affected versions of @ckeditor/ckeditor5-markdown-gfm a regular expression denial of service ReDoS vulnerability has been discovered. Impact The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browse...

4CVSS6.3AI score0.01792EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/01/29 10:15 p.m.19 views

CVE-2021-21254

CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...

6.5CVSS6.3AI score
Exploits0References3
NVD
NVD
added 2021/01/29 10:15 p.m.24 views

CVE-2021-21254

CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...

6.5CVSS6.3AI score0.01792EPSS
Exploits0References3
Prion
Prion
added 2021/01/29 10:15 p.m.18 views

Design/Logic Flaw

CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...

4CVSS6.3AI score0.01792EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2021/01/29 9:55 p.m.79 views

CVE-2021-21254

CVE-2021-21254 affects CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) versions ≤ 24.0.0. A ReDoS vulnerability arises from the plugin’s link-recognition regex, enabling significant performance degradation and browser tab freezes. The issue is fixed in version 25.0.0, with advisorie...

6.5CVSS6.2AI score0.01792EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/01/29 9:55 p.m.23 views

CVE-2021-21254 Regular expression Denial of Service in Markdown plugin

CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...

6.5CVSS6.5AI score0.01792EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/01/29 9:51 p.m.56 views

CKEditor 5 Markdown plugin Regular expression Denial of Service

Impact A regular expression denial of service ReDoS vulnerability has been discovered in the CKEditor 5 Markdown plugin code. The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browser tab freeze. It affects al...

6.5CVSS2.9AI score0.01792EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/01/29 9:51 p.m.28 views

GHSA-HGMG-HHC8-G5WR CKEditor 5 Markdown plugin Regular expression Denial of Service

Impact A regular expression denial of service ReDoS vulnerability has been discovered in the CKEditor 5 Markdown plugin code. The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browser tab freeze. It affects al...

6.5CVSS6.3AI score0.01792EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/01/29 12:0 a.m.9 views

CKEditor Resource Management Error Vulnerability

CKEditor is an open source, web-based text editor. A resource management error vulnerability exists in CKEditor 5 that allows misuse of link-recognizing regular expressions to cause the browser tab to freeze. The following products and versions are affected: CKEditor 5 Markdown plugin at version ...

6.5CVSS6.6AI score0.01792EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/01/29 12:0 a.m.5 views

PT-2021-14364 · Ckeditor · Ckeditor 5 Markdown Plugin

Name of the Vulnerable Software and Affected Versions: CKEditor 5 Markdown plugin versions prior to 25.0.0 Description: The CKEditor 5 Markdown plugin has a regex denial of service ReDoS vulnerability. This vulnerability allows the abuse of link recognition regular expressions, which could cause ...

6.5CVSS6.3AI score0.01792EPSS
Exploits0References10
Hacker One
Hacker One
added 2019/03/29 10:54 a.m.33 views

Mail.ru: LRF on shared.mail.ru due to "markdown" plugin

Markdown plugin in Atlassian Jira instance for external contractors was vulnerable to LFR vulnerability...

5AI score
Exploits0
Rows per page
Query Builder