An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyNjItdjR2cS1ocjk2
Regular Expression Denial of Service (REDoS) in Marked
What kind of vulnerability is it? Who is impacted?
A Denial of Service attack can affect anyone who runs user generated code through
Has the problem been patched? What versions should users upgrade to?
Patched in v2.0.0.
Is there a way for users to fix or remediate the vulnerability without upgrading?
Are there any links users can visit to find out more?
For more information
If you have any questions or comments about this advisory:
- Open an issue in marked
Source: GitHub Advisory Database
Published: almost 3 years ago
Updated: 10 months ago
CVSS Score: 5.3
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Identifiers: GHSA-4r62-v4vq-hr96, CVE-2021-21306
Fixed in: 2.0.0