marked vulnerabilities

A markdown parser built for speed

Latest version: 0.3.19

View on npm

Licenses detected

  • license: Unknown >=0.0.1 <0.3.1
  • license: MIT >=0.3.1
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications
Vulnerability Vulnerable versions Snyk patch Published
  • H
Regular Expression Denial of Service (ReDoS) 		<0.3.17 Not available 27 Feb, 2018
  • M
Cross-site Scripting (XSS) 		<0.3.9 Not available 25 Dec, 2017
  • H
Cross-site Scripting (XSS) 		<0.3.9 Not available 25 Dec, 2017
  • H
Regular Expression Denial of Service (ReDoS) 		<0.3.9 Available 21 Sep, 2017
  • H
Cross-site Scripting (XSS) via Data URIs 		<0.3.7 Available 30 Jan, 2017
  • H
Content & Code Injection (XSS) 		<0.3.6 Available 20 Apr, 2016
  • M
VBScript Content Injection 		<=0.3.2 Available 30 Jan, 2014
  • H
Regular Expression Denial of Service (DoS) 		<=0.3.3 Available 30 Jan, 2014
  • M
Multiple Content Injection Vulnerabilities 		<=0.3.0 Not available 30 Jan, 2014
Report a new vulnerability