Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2021-21254
HistoryJan 29, 2021 - 10:15 p.m.

Design/Logic Flaw

2021-01-2922:15:00
PRIOn knowledge base
www.prio-n.com
4

0.001 Low

EPSS

Percentile

40.7%

JSON

CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin (@ckeditor/ckeditor5-markdown-gfm) before version 25.0.0 has a regex denial of service (ReDoS) vulnerability. The vulnerability allowed to abuse link recognition regular expression, which could cause a significant performance drop resulting in browser tab freeze. It affects all users using CKEditor 5 Markdown plugin at version <= 24.0.0. The problem has been recognized and patched. The fix will be available in version 25.0.0.

CPENameOperatorVersion
ckeditor5lt25.0.0

Related

osv 2
github 1
nvd 1
cve 1
veracode 1
nodejs 1
cvelist 1
osv
osv
CVE-2021-21254
2021-01-29 22:15:14
CKEditor 5 Markdown plugin Regular expression Denial of Service
2021-01-29 21:51:22
github
github
CKEditor 5 Markdown plugin Regular expression Denial of Service
2021-01-29 21:51:22
nvd
nvd
CVE-2021-21254
2021-01-29 22:15:14
cve
cve
CVE-2021-21254
2021-01-29 22:15:14
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-02-01 10:51:29
nodejs
nodejs
Regular Expression Denial of Service
2021-02-23 01:44:40
cvelist
cvelist
CVE-2021-21254 Regular expression Denial of Service in Markdown plugin
2021-01-29 21:55:14

0.001 Low

EPSS

Percentile

40.7%

JSON
Related for PRION:CVE-2021-21254
osv2github1nvd1cve1veracode1nodejs1cvelist1