We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
What kind of vulnerability is it? Who is impacted?
Regular expression Denial of Service
A Denial of Service attack can affect anyone who runs user generated code through marked.
marked
Has the problem been patched? What versions should users upgrade to?
patched in v2.0.0
Is there a way for users to fix or remediate the vulnerability without upgrading?
None.
Are there any links users can visit to find out more?
#1927 https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
If you have any questions or comments about this advisory:
Xegyn Analyst
calculuschild Analyst
Impact
What kind of vulnerability is it? Who is impacted?
Regular expression Denial of Service
A Denial of Service attack can affect anyone who runs user generated code through
marked.Patches
Has the problem been patched? What versions should users upgrade to?
patched in v2.0.0
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
None.
References
Are there any links users can visit to find out more?
#1927
https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
For more information
If you have any questions or comments about this advisory: