Lucene search
GoogleOSV:CVE-2022-21681HistoryJan 14, 2022 - 5:15 p.m.
CVE-2022-21681
2022-01-1417:15:13
Google
osv.dev
7
marked
markdown parser
compiler
denial of service
vulnerability
EPSS
0.002
Percentile
60.8%
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression inline.reflinkSearch may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.
Related
ibm
ibm
nvd
nvd
CVE-2022-21681
2022-01-14 17:15:13
cvelist
cvelist
CVE-2022-21681 Exponential catastrophic backtracking (ReDoS) in marked
2022-01-14 00:00:00
cve
cve
CVE-2022-21681
2022-01-14 17:15:13
cnvd
cnvd
marked denial of service vulnerability
2022-01-18 00:00:00
debiancve
debiancve
CVE-2022-21681
2022-01-14 17:15:13
redhatcve
redhatcve
CVE-2022-21681
2022-05-06 20:29:55
github
github
Inefficient Regular Expression Complexity in marked
2022-01-14 21:04:46
ubuntucve
ubuntucve
CVE-2022-21681
2022-01-14 00:00:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-01-17 14:04:05
osv
osv
Inefficient Regular Expression Complexity in marked
2022-01-14 21:04:46
prion
prion
Code injection
2022-01-14 17:15:00
nessus
nessus
Fedora 36 : gitqlient (2022-784d729f30)
2022-12-23 00:00:00
RHEL 9 : ceph (Unpatched Vulnerability)
2024-07-11 00:00:00
RHEL 8 : ceph (Unpatched Vulnerability)
2024-07-11 00:00:00
openvas
openvas
Fedora: Security Advisory for gitqlient (FEDORA-2022-784d729f30)
2022-10-10 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: gitqlient-1.5.0-2.fc36
2022-10-08 17:33:50
redhat
redhat