cve/2021/CVE-2021-21306.md

CVE-2021-21306

Description

Marked is an open-source markdown parser and compiler (npm package "marked"). In marked from version 1.1.1 and before version 2.0.0, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is fixed in version 2.0.0.

POC

Reference

No PoCs from references.

Github

• https://github.com/engn33r/awesome-redos-security