CVE-2021-21306

Uncontrolled Resource Consumption in npm/marked

Identifier

CVE-2021-21306

Package Slug

npm/marked

Vulnerability

Uncontrolled Resource Consumption

Description

Marked is an open-source markdown parser and compiler. In marked from and, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is fixed

Affected Versions

All versions starting from 1.1.1 before 2.0.0

Solution

Upgrade to version 2.0.0 or above.

Last Modified

2021-02-12

source