Tag
marked
Safeguard articles tagged "marked" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
CVE-2018-1000620: ReDoS in marked markdown parser
A ReDoS flaw in the marked Markdown parser (CVE-2018-1000620) let crafted input stall Node.js services. Here's the impact, fix, and how to catch it in your dependency tree.
Oct 14, 20258 min read
Vulnerability Analysis
CVE-2022-21681: Second ReDoS flaw in marked
CVE-2022-21681 is a ReDoS flaw in marked's inline tokenizer that lets crafted Markdown hang parsing. What's affected, severity, and how to remediate.
Oct 13, 20256 min read