92 matches found
MAL-2025-23314 Malicious code in ionosphere-prettier-plugin-markdown-yonder-chai (npm)
The package ionosphere-prettier-plugin-markdown-yonder-chai was found to contain malicious code...
Regular Expression Denial of Service
Overview In affected versions of @ckeditor/ckeditor5-markdown-gfm a regular expression denial of service ReDoS vulnerability has been discovered. Impact The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browse...
CVE-2021-21254
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...
CVE-2021-21254
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...
Design/Logic Flaw
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...
CVE-2021-21254
CVE-2021-21254 affects CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) versions ≤ 24.0.0. A ReDoS vulnerability arises from the plugin’s link-recognition regex, enabling significant performance degradation and browser tab freezes. The issue is fixed in version 25.0.0, with advisorie...
CVE-2021-21254 Regular expression Denial of Service in Markdown plugin
CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin @ckeditor/ckeditor5-markdown-gfm before version 25.0.0 has a regex denial of service ReDoS vulnerability. The vulnerability allowed to abuse link recognition regular expression, whi...
CKEditor 5 Markdown plugin Regular expression Denial of Service
Impact A regular expression denial of service ReDoS vulnerability has been discovered in the CKEditor 5 Markdown plugin code. The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browser tab freeze. It affects al...
GHSA-HGMG-HHC8-G5WR CKEditor 5 Markdown plugin Regular expression Denial of Service
Impact A regular expression denial of service ReDoS vulnerability has been discovered in the CKEditor 5 Markdown plugin code. The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browser tab freeze. It affects al...
CKEditor Resource Management Error Vulnerability
CKEditor is an open source, web-based text editor. A resource management error vulnerability exists in CKEditor 5 that allows misuse of link-recognizing regular expressions to cause the browser tab to freeze. The following products and versions are affected: CKEditor 5 Markdown plugin at version ...
PT-2021-14364 · Ckeditor · Ckeditor 5 Markdown Plugin
Name of the Vulnerable Software and Affected Versions: CKEditor 5 Markdown plugin versions prior to 25.0.0 Description: The CKEditor 5 Markdown plugin has a regex denial of service ReDoS vulnerability. This vulnerability allows the abuse of link recognition regular expressions, which could cause ...
Mail.ru: LRF on shared.mail.ru due to "markdown" plugin
Markdown plugin in Atlassian Jira instance for external contractors was vulnerable to LFR vulnerability...