Medium severity6.1NVD Advisory· Published Jan 2, 2018· Updated Jun 17, 2026
CVE-2017-1000427
CVE-2017-1000427
Description
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
markednpm | < 0.3.7 | 0.3.7 |
Affected products
1Patches
Vulnerability mechanics
References
7- snyk.io/vuln/npm:marked:20170112nvdExploitPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-7px7-7xjx-hxm8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-1000427ghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO2RMVVZVV6NFTU46B5RYRK7ZCXYARZSghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6BJG6RGDH7ZWVVAUFBFI5L32RSMQN2SghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO2RMVVZVV6NFTU46B5RYRK7ZCXYARZS/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M6BJG6RGDH7ZWVVAUFBFI5L32RSMQN2S/nvd
News mentions
0No linked articles in our index yet.