Severity: low

Regular Expression Denial of Service

marked

Overview

Affected versions of marked are vulnerable to Regular Expression Denial of Service (ReDoS). The _label subrule may significantly degrade parsing performance of malformed input.

Remediation

Upgrade to version 0.7.0 or later.
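
A copy of marked older than the fixed version often arrives as a transitive dependency, so checking only the top-level package.json is not enough. The following is an added example, not code from the advisory or from the marked project: it walks an npm lockfile and reports every resolved copy of marked below 0.7.0. The sample lockfile and the `demo-app` and `docs-tool` package names are constructed, and treating every version below 0.7.0 as needing the upgrade is an assumption.

```javascript
const FIXED = [0, 7, 0]; // fixed version from the advisory's remediation line

// Parse "major.minor.patch[-prerelease]"; returns null for non-semver specs.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(String(v));
  return m && { nums: [+m[1], +m[2], +m[3]], pre: Boolean(m[4]) };
}

// True when v sorts before 0.7.0 (a 0.7.0 prerelease counts as below it).
function belowFixed(v) {
  const p = parseVersion(v);
  if (!p) return true; // git/tarball spec or missing version: flag for review
  for (let i = 0; i < 3; i++) {
    if (p.nums[i] !== FIXED[i]) return p.nums[i] < FIXED[i];
  }
  return p.pre;
}

// Collect every installed copy of marked from either lockfile layout:
// flat "packages" (lockfileVersion 2/3) or nested "dependencies" (version 1).
function findMarked(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path.split('node_modules/').pop() === 'marked') hits.push({ path, version: meta.version });
  }
  if (hits.length) return hits; // v2 files carry both views; avoid double counting
  (function walk(deps, trail) {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = trail + 'node_modules/' + name;
      if (name === 'marked') hits.push({ path, version: meta.version });
      walk(meta.dependencies, path + '/');
    }
  })(lock.dependencies, '');
  return hits;
}

// Copies of marked that still need the upgrade.
function audit(lock) {
  return findMarked(lock).filter((h) => belowFixed(h.version));
}

// Constructed sample (assumption): one direct copy at 0.7.0, one older nested copy.
const sampleLock = { lockfileVersion: 3, packages: {
  '': { name: 'demo-app', version: '1.0.0' },
  'node_modules/marked': { version: '0.7.0' },
  'node_modules/docs-tool': { version: '2.1.0' },
  'node_modules/docs-tool/node_modules/marked': { version: '0.6.3' },
} };
for (const h of audit(sampleLock)) console.log(`upgrade needed: ${h.path} (${h.version})`);
```

To run it against a real project, replace `sampleLock` with the parsed contents of that project's package-lock.json.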

Advisory timeline

  1. Advisory published: Jul 25th, 2019
  2. Reported by Bart Grantham: Jul 17th, 2019