812:marked:Regular Expression Denial of Service

No CVE
CWE CWE-400
References: - [GitHub PR](https://github.com/markedjs/marked/pull/1460)
- [Snyk Report](https://snyk.io/vuln/SNYK-JS-MARKED-174116)
Versions of `marked` prior to 0.6.2 and later than 0.3.14 are vulnerable to Regular Expression Denial of Service. Email addresses may be evaluated in quadratic time, allowing attackers to potentially crash the node process due to resource exhaustion.
@marshyski 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

812:marked:Regular Expression Denial of Service #247

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

812:marked:Regular Expression Denial of Service #247

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions