module
marked npm module "heading" ReDoS
| Disclosed |
|---|
| N/A |
Disclosed
N/A
Description
This module exploits a Regular Expression Denial of Service vulnerability
in the npm module "marked". The vulnerable portion of code that this module
targets is in the "heading" regular expression. Web applications that use
"marked" for generating html from markdown are vulnerable. Versions up to
0.4.0 are vulnerable.
in the npm module "marked". The vulnerable portion of code that this module
targets is in the "heading" regular expression. Web applications that use
"marked" for generating html from markdown are vulnerable. Versions up to
0.4.0 are vulnerable.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.