Skip to main content

Test Results

sagiegurari/grunt-markdownlint

Snyk’s security scan found the following vulnerabilities.
Ready to fix your vulnerabilities? Automatically find, fix, and monitor vulnerabilities for free with Snyk.

Vulnerabilities

 1 via 1 paths

Dependencies

 7

Source

 GitHub

Commit

 db546eb5

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Severity
  • 1
Status
  • 1
  • 0
  • 0

high severity

Infinite loop

  • Vulnerable module: markdown-it
  • Introduced through: markdownlint@0.27.0

Detailed paths

  • Introduced through: grunt-markdownlint@sagiegurari/grunt-markdownlint#db546eb522fbb8a2ab303b63357735d5263a58fd markdownlint@0.27.0 markdown-it@13.0.1
    Remediation: Upgrade to markdownlint@0.32.0.

Overview

markdown-it is a modern pluggable markdown parser.

Affected versions of this package are vulnerable to Infinite loop in linkify inline rule when using malformed input.

Remediation

Upgrade markdown-it to version 13.0.2 or higher.

References

Infinite loop vulnerability report