Search for vulnerabilities
| Vulnerability ID | VCID-prx8-kw1g-kkhn |
| Aliases |
GHSA-7m7q-q53v-j47v
|
| Summary | A flaw was found in nodejs-marked versions from 0.5.0 to before 0.6.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). Input to the host variable is vulnerable when input contains parenthesis in link URIs, coupled with a high number of link tokens in a single line. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| System | Score | Found at |
|---|---|---|
| generic_textual | MODERATE | https://bugzilla.redhat.com/show_bug.cgi?id=1679550 |
| cvssv3.1_qr | MODERATE | https://github.com/advisories/GHSA-7m7q-q53v-j47v |
| generic_textual | MODERATE | https://github.com/Feder1co5oave/marktex/commit/cc8a45288b59ca10a8fedaed9028072021be9999 |
| Reference id | Reference type | URL |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1679550 | ||
| https://github.com/Feder1co5oave/marktex/commit/cc8a45288b59ca10a8fedaed9028072021be9999 | ||
| GHSA-7m7q-q53v-j47v | https://github.com/advisories/GHSA-7m7q-q53v-j47v |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-06-12T08:04:05.926629+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/02/GHSA-7m7q-q53v-j47v/GHSA-7m7q-q53v-j47v.json | 38.6.0 |