CVE-2022-21670, GHSA-6vfc-qv3f-vr6c
npm/markdown-it
Uncontrolled Resource Consumption in markdown-it
markdown-it is a Markdown parser. special patterns with length greater than thousand characterss could slow down the parser significantly. Users should upgrade to to receive a patch. There are no known workarounds aside from upgrading.
All versions up to 12.3.1
Upgrade to version 12.3.2 or above.
2022-01-13
source |