Low severityNVD Advisory· Published Jun 1, 2022· Updated Sep 16, 2024
Exponential ReDoS in markdown-link-extractor
CVE-2021-43308
Description
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
markdown-link-extractornpm | < 3.0.2 | 3.0.2 |
markdown-link-extractornpm | >= 4.0.0, < 4.0.1 | 4.0.1 |
Affected products
1Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.