CVE-2021-21306

Marked is an open-source markdown parser and compiler (npm package "marked"). In marked from version 1.1.1 and before version 2.0.0, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is fixed in version 2.0.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:marked_project:marked:*:*:*:*:*:node.js:*:*

History

No history.

Information

Published : 2021-02-08 22:15

Updated : 2024-02-04 21:23


NVD link : CVE-2021-21306

Mitre link : CVE-2021-21306

CVE.ORG link : CVE-2021-21306


JSON object : View

Products Affected

marked_project

  • marked
CWE
CWE-400

Uncontrolled Resource Consumption