exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2026-2327

около 2 месяцев назад

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.

CVSS3: 5.3

EPSS: Низкий

CVE-2026-2327

около 2 месяцев назад

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.

CVSS3: 7.5

EPSS: Низкий

CVE-2026-2327

около 2 месяцев назад

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.

CVSS3: 5.3

EPSS: Низкий

CVE-2026-2327

около 2 месяцев назад

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are ...

CVSS3: 5.3

EPSS: Низкий

GHSA-38c4-r59v-3vqw

около 2 месяцев назад

markdown-it is has a Regular Expression Denial of Service (ReDoS)

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-2327 Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
CVE-2026-2327 Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.	CVSS3: 7.5	0% Низкий	около 2 месяцев назад
CVE-2026-2327 Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
CVE-2026-2327 Versions of the package markdown-it from 13.0.0 and before 14.1.1 are ...	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
GHSA-38c4-r59v-3vqw markdown-it is has a Regular Expression Denial of Service (ReDoS)	CVSS3: 5.3	0% Низкий	около 2 месяцев назад

Уязвимостей на страницу