Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-r4vp-zkkv-jfex
Summary
CKEditor 5 Markdown plugin Regular expression Denial of Service
### Impact
A regular expression denial of service (ReDoS) vulnerability has been discovered in the CKEditor 5 Markdown plugin code. The vulnerability allowed to abuse a link recognition regular expression, which could cause a significant performance drop resulting in a browser tab freeze. It affects all users using the CKEditor 5 Markdown plugin at version <= 24.0.0. 

### Patches
The problem has been recognized and patched. The fix will be available in version 25.0.0.

### Workarounds
The user can work around the issue by:
- Upgrading CKEditor 5 to version 25.0.0.
- Disabling the Markdown plugin.

### More information
If you have any questions or comments about this advisory:
* Email us at [security@cksource.com](mailto:security@cksource.com)

### Acknowledgements
The CKEditor 5 team would like to thank Erik Krogh Kristensen from the GitHub team for recognizing this vulnerability and 
Alvaro Muñoz from GitHub for reporting it.
Aliases
0
alias CVE-2021-21254
1
alias GHSA-hgmg-hhc8-g5wr
Fixed_packages
0
url pkg:npm/ckeditor5@25.0.0
purl pkg:npm/ckeditor5@25.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@25.0.0
1
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@25.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@25.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wpgs-aj5v-zbbw
1
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@25.0.0
Affected_packages
0
url pkg:npm/ckeditor5@0.0.1-security
purl pkg:npm/ckeditor5@0.0.1-security
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@0.0.1-security
1
url pkg:npm/ckeditor5@10.0.0-rc.1
purl pkg:npm/ckeditor5@10.0.0-rc.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@10.0.0-rc.1
2
url pkg:npm/ckeditor5@10.0.0-rc.2
purl pkg:npm/ckeditor5@10.0.0-rc.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@10.0.0-rc.2
3
url pkg:npm/ckeditor5@10.0.0
purl pkg:npm/ckeditor5@10.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@10.0.0
4
url pkg:npm/ckeditor5@10.0.1
purl pkg:npm/ckeditor5@10.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@10.0.1
5
url pkg:npm/ckeditor5@10.1.0
purl pkg:npm/ckeditor5@10.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@10.1.0
6
url pkg:npm/ckeditor5@11.0.0
purl pkg:npm/ckeditor5@11.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@11.0.0
7
url pkg:npm/ckeditor5@11.0.1
purl pkg:npm/ckeditor5@11.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@11.0.1
8
url pkg:npm/ckeditor5@11.1.0
purl pkg:npm/ckeditor5@11.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@11.1.0
9
url pkg:npm/ckeditor5@11.1.1
purl pkg:npm/ckeditor5@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@11.1.1
10
url pkg:npm/ckeditor5@11.2.0
purl pkg:npm/ckeditor5@11.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@11.2.0
11
url pkg:npm/ckeditor5@12.0.0
purl pkg:npm/ckeditor5@12.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@12.0.0
12
url pkg:npm/ckeditor5@12.1.0
purl pkg:npm/ckeditor5@12.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@12.1.0
13
url pkg:npm/ckeditor5@12.2.0
purl pkg:npm/ckeditor5@12.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@12.2.0
14
url pkg:npm/ckeditor5@12.3.0
purl pkg:npm/ckeditor5@12.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@12.3.0
15
url pkg:npm/ckeditor5@12.3.1
purl pkg:npm/ckeditor5@12.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@12.3.1
16
url pkg:npm/ckeditor5@12.4.0
purl pkg:npm/ckeditor5@12.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@12.4.0
17
url pkg:npm/ckeditor5@15.0.0
purl pkg:npm/ckeditor5@15.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@15.0.0
18
url pkg:npm/ckeditor5@16.0.0
purl pkg:npm/ckeditor5@16.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@16.0.0
19
url pkg:npm/ckeditor5@17.0.0
purl pkg:npm/ckeditor5@17.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@17.0.0
20
url pkg:npm/ckeditor5@18.0.0
purl pkg:npm/ckeditor5@18.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@18.0.0
21
url pkg:npm/ckeditor5@19.0.0
purl pkg:npm/ckeditor5@19.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@19.0.0
22
url pkg:npm/ckeditor5@19.1.0
purl pkg:npm/ckeditor5@19.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@19.1.0
23
url pkg:npm/ckeditor5@19.1.1
purl pkg:npm/ckeditor5@19.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@19.1.1
24
url pkg:npm/ckeditor5@20.0.0
purl pkg:npm/ckeditor5@20.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@20.0.0
25
url pkg:npm/ckeditor5@21.0.0
purl pkg:npm/ckeditor5@21.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@21.0.0
26
url pkg:npm/ckeditor5@22.0.0
purl pkg:npm/ckeditor5@22.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@22.0.0
27
url pkg:npm/ckeditor5@23.0.0
purl pkg:npm/ckeditor5@23.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@23.0.0
28
url pkg:npm/ckeditor5@23.1.0
purl pkg:npm/ckeditor5@23.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@23.1.0
29
url pkg:npm/ckeditor5@24.0.0
purl pkg:npm/ckeditor5@24.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6q1k-xwcb-53hm
1
vulnerability VCID-r4vp-zkkv-jfex
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ckeditor5@24.0.0
30
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.3.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@0.3.0
31
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@0.4.0
32
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.1
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@0.4.1
33
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.2
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@0.4.2
34
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.3
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@0.4.3
35
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.4
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@0.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@0.4.4
36
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-alpha.1
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-alpha.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@1.0.0-alpha.1
37
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-alpha.2
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-alpha.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@1.0.0-alpha.2
38
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.1
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.1
39
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.2
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.2
40
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.4
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@1.0.0-beta.4
41
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@10.0.0
42
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.1
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@10.0.1
43
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.2
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@10.0.2
44
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.3
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@10.0.3
45
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.4
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@10.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@10.0.4
46
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@11.0.0
47
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.1
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@11.0.1
48
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.2
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@11.0.2
49
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.3
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@11.0.3
50
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.4
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@11.0.4
51
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.5
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@11.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@11.0.5
52
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@15.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@15.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@15.0.0
53
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@16.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@16.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@16.0.0
54
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@17.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@17.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@17.0.0
55
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@18.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@18.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@18.0.0
56
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@19.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@19.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@19.0.0
57
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@19.0.1
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@19.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@19.0.1
58
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@20.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@20.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@20.0.0
59
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@21.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@21.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@21.0.0
60
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@22.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@22.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@22.0.0
61
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@23.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@23.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@23.0.0
62
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@23.1.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@23.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@23.1.0
63
url pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@24.0.0
purl pkg:npm/%40ckeditor/ckeditor5-markdown-gfm@24.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r4vp-zkkv-jfex
1
vulnerability VCID-wpgs-aj5v-zbbw
2
vulnerability VCID-y831-gekf-cqh6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540ckeditor/ckeditor5-markdown-gfm@24.0.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21254
reference_id
reference_type
scores
0
value 0.00405
scoring_system epss
scoring_elements 0.60988
published_at 2026-04-02T12:55:00Z
1
value 0.00405
scoring_system epss
scoring_elements 0.6105
published_at 2026-04-24T12:55:00Z
2
value 0.00405
scoring_system epss
scoring_elements 0.61063
published_at 2026-04-21T12:55:00Z
3
value 0.00405
scoring_system epss
scoring_elements 0.6108
published_at 2026-04-18T12:55:00Z
4
value 0.00405
scoring_system epss
scoring_elements 0.61074
published_at 2026-04-16T12:55:00Z
5
value 0.00405
scoring_system epss
scoring_elements 0.61033
published_at 2026-04-13T12:55:00Z
6
value 0.00405
scoring_system epss
scoring_elements 0.61053
published_at 2026-04-12T12:55:00Z
7
value 0.00405
scoring_system epss
scoring_elements 0.61067
published_at 2026-04-11T12:55:00Z
8
value 0.00405
scoring_system epss
scoring_elements 0.61046
published_at 2026-04-09T12:55:00Z
9
value 0.00405
scoring_system epss
scoring_elements 0.6103
published_at 2026-04-08T12:55:00Z
10
value 0.00405
scoring_system epss
scoring_elements 0.60911
published_at 2026-04-01T12:55:00Z
11
value 0.00405
scoring_system epss
scoring_elements 0.60982
published_at 2026-04-07T12:55:00Z
12
value 0.00405
scoring_system epss
scoring_elements 0.61017
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21254
1
reference_url https://github.com/ckeditor/ckeditor5
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor5
2
reference_url https://github.com/ckeditor/ckeditor5/releases/tag/v25.0.0
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor5/releases/tag/v25.0.0
3
reference_url https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-hgmg-hhc8-g5wr
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-hgmg-hhc8-g5wr
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21254
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21254
5
reference_url https://www.npmjs.com/package/@ckeditor/ckeditor5-markdown-gfm
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/@ckeditor/ckeditor5-markdown-gfm
6
reference_url https://github.com/advisories/GHSA-hgmg-hhc8-g5wr
reference_id GHSA-hgmg-hhc8-g5wr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgmg-hhc8-g5wr
Weaknesses
0
cwe_id 400
name Uncontrolled Resource Consumption
description The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-r4vp-zkkv-jfex