EUVD-2022-6096

Malicious code in bioql PyPI...

npm markdown-link-extractor denial-of-service vulnerability

npm markdown-link-extractor is used to extract links from Markdown text. npm markdown-link-extractor versions prior to 3.0.2 and 4.0.0 contain a denial of service vulnerability that stems from not properly handling incoming error messages, which could be exploited by an attacker to cause a denial...

@angie061099/md-links (=0.2.0), @boillodmanuel/markdown-link-check (>=4.0.1 <=4.7.0) +75 more potentially affected by CVE-2021-43308 via markdown-link-extractor (>=1.3.1 <=2.0.1)

markdown-link-extractor NPM version =1.3.1, =4.0.1, =0.0.2, =1.0.30001255, =1.0.0, =1.0.0, =0.0.33, =0.0.0, =0.1.11, =0.0.3, =0.1.0, =0.1.0, =1.1.0, =1.0.0, =1.1.0 and more Source cves: CVE-2021-43308 Source advisory: OSV:GHSA-MMH6-M7V9-5956...

GHSA-MMH6-M7V9-5956 Regular expression denial of service in markdown-link-extractor

An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...

Regular expression denial of service in markdown-link-extractor

An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...

CVE-2021-43308

An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...

CVE-2021-43308

An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...

npm markdown-link-extractor 安全漏洞

npm markdown-link-extractor is used to extract links from Markdown text. npm markdown-link-extractor versions prior to 3.0.2 and 4.0.0 contain a denial of service vulnerability that stems from not properly handling incoming error messages, which could be exploited by an attacker to cause a denial...

CVE-2021-43308 Exponential ReDoS in markdown-link-extractor

An exponential ReDoS Regular Expression Denial of Service can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function...

CVE-2021-43308

CVE-2021-43308 affects the npm package markdown-link-extractor . The vulnerability is an exponential ReDoS that can be triggered by attacker-supplied input to the module’s exported function, with specifics citing an insecure regex pattern used for the image parameter. Public details describe a Do...

PT-2022-11820 · Npm · Markdown-Link-Extractor

Name of the Vulnerable Software and Affected Versions: markdown-link-extractor npm package affected versions not specified Description: The issue is related to an exponential ReDoS Regular Expression Denial of Service that can be triggered when an attacker supplies arbitrary input to the module's...