Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-21306

Опубликовано: 08 фев. 2021
Источник: redhat
CVSS3: 7.5

Описание

Marked is an open-source markdown parser and compiler (npm package "marked"). In marked from version 1.1.1 and before version 2.0.0, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is fixed in version 2.0.0.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
OpenShift Service Mesh 2.0servicemesh-grafanaNot affected
Red Hat OpenShift Container Platform 4openshift4/ose-grafanaNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1926866nodejs-marked: Regular expression denial of service

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2021-21306

CVSS3: 5.3
nvd
почти 5 лет назад

Marked is an open-source markdown parser and compiler (npm package "marked"). In marked from version 1.1.1 and before version 2.0.0, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is fixed in version 2.0.0.

debian логотип

CVE-2021-21306

CVSS3: 5.3
debian
почти 5 лет назад

Marked is an open-source markdown parser and compiler (npm package "ma ...

github логотип

GHSA-4r62-v4vq-hr96

CVSS3: 5.3
github
почти 5 лет назад

Regular Expression Denial of Service (REDoS) in Marked

7.5 High

CVSS3