EPSS
Percentile
60.8%
marked is vulnerable to regular expression denial of service. An attacker is able to induce the system into backtracking by injecting a maliciously crafted string via a variable inline.reflink search.
inline.reflink
github.com/markedjs/marked/commit/8f806573a3f6c6b7a39b8cdb66ab5ebb8d55a5f5
github.com/markedjs/marked/security/advisories/GHSA-5v2h-r2cx-5xgj
lists.fedoraproject.org/archives/list/[email protected]/message/AIXDMC3CSHYW3YWVSQOXAWLUYQHAO5UX/