CVE-2022-21670

CVE-2022-21670, GHSA-6vfc-qv3f-vr6c

npm/markdown-it

Uncontrolled Resource Consumption in markdown-it

markdown-it is a Markdown parser. special patterns with length greater than thousand characterss could slow down the parser significantly. Users should upgrade to to receive a patch. There are no known workarounds aside from upgrading.

All versions up to 12.3.1

Upgrade to version 12.3.2 or above.

2022-01-13