marked@1.2.5 vulnerabilities
A markdown parser built for speed
latest version
15.0.7
latest non vulnerable version
first published
13 years ago
latest version published
1 months ago
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the marked package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when unsanitized user input is passed to How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | <4.0.10 |
marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when passing unsanitized user input to How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | <4.0.10 |
marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). 3 or more groups of odd and even numbered consecutive underscores ( How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | >=1.1.1 <2.0.0 |