EPSS
Percentile
72.4%
marked is vulnerable to regular expression denial of service. An attacker is able to induce the system into backtracking by injecting a maliciously crafted string via a variable block.def.
block.def
github.com/markedjs/marked/commit/c4a3ccd344b6929afa8a1d50ac54a721e57012c0
github.com/markedjs/marked/releases/tag/v4.0.10
github.com/markedjs/marked/security/advisories/GHSA-rrrm-qjm4-v8hf
lists.fedoraproject.org/archives/list/[email protected]/message/AIXDMC3CSHYW3YWVSQOXAWLUYQHAO5UX/