CVE-2024-1899

An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...

CVE-2024-1899

An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...

Race condition

An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...

CVE-2024-1899

An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...

CVE-2024-1899 Showdownjs Denial of Service

An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...

CVE-2024-1899

CVE-2024-1899 affects ShowdownJS (the anchors subparser) where versions

PT-2024-18406 · Unknown · Showdownjs

Name of the Vulnerable Software and Affected Versions: Showdownjs versions = 2.1.0 Description: An issue in the anchors subparser could allow a remote attacker to cause denial of service conditions. Recommendations: For versions = 2.1.0, update to a version greater than 2.1.0 to resolve the issue...

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.npm:showdown is a JavaScript Markdown to HTML converter. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the anchors subparser in anchors.js AKA links.js. PoC time node -e '/?:^|^\ ??:\n ?.?/g.test"".repeat9999' Details...