8 matches found
CVE-2018-25110 Regular Expression Denial of Service (ReDoS) in markedjs/marked
Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown...
CVE-2018-25110 Regular Expression Denial of Service (ReDoS) in markedjs/marked
Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown...
Security Bulletin: IBM Storage Ceph is vulnerable to a REDOS attack in MarkedJS (CVE-2022-21680, CVE-2022-21681)
Summary: MarkedJS is used by IBM Storage Ceph as a compiler to parse markdown. CVE-2022-21680, CVE-2022-21681. Vulnerability Details: CVEID: CVE-2022-21680. DESCRIPTION: Node.js marked module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in block.de...
@mpjovanovich/dotmark (>=0.0.1 <=1.0.2) potentially affected by unknown CVE via markedjs (=0.0.1-security)
markedjs NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on markedjs and may be impacted: @mpjovanovich/dotmark =0.0.1, =1.0.2. Source CVEs: unknown CVE. Source advisory: OSV:MAL-2022-4484...
Malicious code in markedjs (npm)
Source: ghsa-malware 0654d4c4fc187b21de0d9ebad00b71a9872a754778e77d872536b647c9f2a6dd. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4484 Malicious code in markedjs (npm)
Source: ghsa-malware 0654d4c4fc187b21de0d9ebad00b71a9872a754778e77d872536b647c9f2a6dd. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-21680
A vulnerability was found in the markedjs package. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks, affecting system availability...
CVE-2022-21681
A vulnerability was found in the markedjs package. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks, affecting system availability...