{"url":"http://public2.vulnerablecode.io/api/packages/118801?format=json","purl":"pkg:deb/debian/node-marked@0.3.6%2Bdfsg-1?distro=trixie","type":"deb","namespace":"debian","name":"node-marked","version":"0.3.6+dfsg-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.3.9+dfsg-1","latest_non_vulnerable_version":"4.2.3+ds+~4.0.7-4","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30506?format=json","vulnerability_id":"VCID-3nt4-689k-qkan","summary":"Regular Expression Denial of Service\nMarked 0.3.3 and earlier is vulnerable to regular expression denial of service (ReDoS) when certain types of input are passed in to be parsed.\n\n\"The Regular expression Denial of Service (ReDoS) is a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size). An attacker can then cause a program using a Regular Expression to enter these extreme situations and then hang for a very long time.\" [1]\n\nMarked's catastrophic backtracking issue for the `em` inline rule has now been patched in 0.3.4.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8854","reference_id":"","reference_type":"","scores":[{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.7839","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.7836","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78386","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78395","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78372","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78384","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8854"},{"reference_url":"https://github.com/chjj/marked","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/chjj/marked"},{"reference_url":"https://github.com/chjj/marked/issues/497","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/chjj/marked/issues/497"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO2RMVVZVV6NFTU46B5RYRK7ZCXYARZS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO2RMVVZVV6NFTU46B5RYRK7ZCXYARZS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO2RMVVZVV6NFTU46B5RYRK7ZCXYARZS/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO2RMVVZVV6NFTU46B5RYRK7ZCXYARZS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6BJG6RGDH7ZWVVAUFBFI5L32RSMQN2S","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6BJG6RGDH7ZWVVAUFBFI5L32RSMQN2S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6BJG6RGDH7ZWVVAUFBFI5L32RSMQN2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6BJG6RGDH7ZWVVAUFBFI5L32RSMQN2S/"},{"reference_url":"https://nodesecurity.io/advisories/23","reference_id":"","reference_type":"","scores":[],"url":"https://nodesecurity.io/advisories/23"},{"reference_url":"https://support.f5.com/csp/article/K05052081?utm_source=f5support&amp;utm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/csp/article/K05052081?utm_source=f5support&amp;utm_medium=RSS"},{"reference_url":"https://www.npmjs.com/advisories/23","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.npmjs.com/advisories/23"},{"reference_url":"https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/04/20/11","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/04/20/11"},{"reference_url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/23.json","reference_id":"23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/23.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8854","reference_id":"CVE-2015-8854","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8854"},{"reference_url":"https://github.com/advisories/GHSA-hjcp-j389-59ff","reference_id":"GHSA-hjcp-j389-59ff","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hjcp-j389-59ff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/118801?format=json","purl":"pkg:deb/debian/node-marked@0.3.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@0.3.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118799?format=json","purl":"pkg:deb/debian/node-marked@0.8.0%2Bds%2Brepack-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-awq5-34c9-tkes"},{"vulnerability":"VCID-xf3w-qz3m-h7fv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@0.8.0%252Bds%252Brepack-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118796?format=json","purl":"pkg:deb/debian/node-marked@4.2.3%2Bds%2B~4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@4.2.3%252Bds%252B~4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118800?format=json","purl":"pkg:deb/debian/node-marked@4.2.3%2Bds%2B~4.0.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@4.2.3%252Bds%252B~4.0.7-4%3Fdistro=trixie"}],"aliases":["CVE-2015-8854","GHSA-hjcp-j389-59ff"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nt4-689k-qkan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39679?format=json","vulnerability_id":"VCID-5bd3-3bhj-e7hr","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nmarked is an application that is meant to parse and compile markdown. Due to the way that marked parses input, specifically HTML entities, it's possible to bypass marked's content injection protection (`sanitize: true`) to inject a `javascript:` URL. This flaw exists because `&#xNNanything;` gets parsed to what it could and leaves the rest behind, resulting in just `anything;` being left.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10531","reference_id":"","reference_type":"","scores":[{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52693","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52671","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52648","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52674","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52627","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52686","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10531"},{"reference_url":"https://github.com/advisories/GHSA-vfvf-mqq8-rwqc","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vfvf-mqq8-rwqc"},{"reference_url":"https://github.com/chjj/marked/pull/592","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/chjj/marked/pull/592"},{"reference_url":"https://github.com/chjj/marked/pull/592/commits/2cff85979be8e7a026a9aca35542c470cf5da523","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/chjj/marked/pull/592/commits/2cff85979be8e7a026a9aca35542c470cf5da523"},{"reference_url":"https://nodesecurity.io/advisories/101","reference_id":"","reference_type":"","scores":[],"url":"https://nodesecurity.io/advisories/101"},{"reference_url":"https://www.npmjs.com/advisories/101","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.npmjs.com/advisories/101"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10531","reference_id":"CVE-2016-10531","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10531"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/118801?format=json","purl":"pkg:deb/debian/node-marked@0.3.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@0.3.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118799?format=json","purl":"pkg:deb/debian/node-marked@0.8.0%2Bds%2Brepack-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-awq5-34c9-tkes"},{"vulnerability":"VCID-xf3w-qz3m-h7fv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@0.8.0%252Bds%252Brepack-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118796?format=json","purl":"pkg:deb/debian/node-marked@4.2.3%2Bds%2B~4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@4.2.3%252Bds%252B~4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118800?format=json","purl":"pkg:deb/debian/node-marked@4.2.3%2Bds%2B~4.0.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@4.2.3%252Bds%252B~4.0.7-4%3Fdistro=trixie"}],"aliases":["CVE-2016-10531","GHSA-vfvf-mqq8-rwqc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bd3-3bhj-e7hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30513?format=json","vulnerability_id":"VCID-y6xb-gmwg-7qbc","summary":"VBScript Content Injection\nMarked 0.3.2 and earlier is vulnerable to content injection even when `sanitize: true` is enabled.\n\n`[xss link](vbscript:alert(1&#41;)`\n\nwill get a link\n\n`<a href=\"vbscript:alert(1)\">xss link</a>`\n\nthis script does not work in IE 11 edge mode, but works in IE 10 compatibility view.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1370","reference_id":"","reference_type":"","scores":[{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57682","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57736","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57719","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57732","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57742","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57733","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1370"},{"reference_url":"https://github.com/chjj/marked/issues/492","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/chjj/marked/issues/492"},{"reference_url":"https://github.com/evilpacket/marked/commit/3c191144939107c45a7fa11ab6cb88be6694a1ba","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/evilpacket/marked/commit/3c191144939107c45a7fa11ab6cb88be6694a1ba"},{"reference_url":"https://github.com/markedjs/marked","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/markedjs/marked"},{"reference_url":"https://github.com/markedjs/marked/commit/fc372d1c6293267722e33f2719d57cebd67b3da1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/markedjs/marked/commit/fc372d1c6293267722e33f2719d57cebd67b3da1"},{"reference_url":"https://github.com/markedjs/marked/issues/492","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/markedjs/marked/issues/492"},{"reference_url":"https://www.npmjs.com/advisories/24","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.npmjs.com/advisories/24"},{"reference_url":"https://www.npmjs.com/advisories/24/versions","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.npmjs.com/advisories/24/versions"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/01/23/2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2015/01/23/2"},{"reference_url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/24.json","reference_id":"24","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/nodejs/security-wg/blob/main/vuln/npm/24.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1370","reference_id":"CVE-2015-1370","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1370"},{"reference_url":"https://github.com/advisories/GHSA-cfjh-p3g4-3q2f","reference_id":"GHSA-cfjh-p3g4-3q2f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cfjh-p3g4-3q2f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/118801?format=json","purl":"pkg:deb/debian/node-marked@0.3.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@0.3.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118799?format=json","purl":"pkg:deb/debian/node-marked@0.8.0%2Bds%2Brepack-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-awq5-34c9-tkes"},{"vulnerability":"VCID-xf3w-qz3m-h7fv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@0.8.0%252Bds%252Brepack-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118796?format=json","purl":"pkg:deb/debian/node-marked@4.2.3%2Bds%2B~4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@4.2.3%252Bds%252B~4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/118800?format=json","purl":"pkg:deb/debian/node-marked@4.2.3%2Bds%2B~4.0.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@4.2.3%252Bds%252B~4.0.7-4%3Fdistro=trixie"}],"aliases":["CVE-2015-1370","GHSA-cfjh-p3g4-3q2f"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6xb-gmwg-7qbc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-marked@0.3.6%252Bdfsg-1%3Fdistro=trixie"}