Vulnerability Data

CVE-2022-21670

Track security vulnerabilities

markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characterss could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading.

Published at
2022-01-10
6 days ago
Modified
2022-01-10
6 days ago
2022
Year
The year of the turtle

https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c

CONFIRM:https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c

Read More about itMore info

https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101

MISC:https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101

Read More about itMore info

Vulnerability RAW

{
	"Title": {
		"_text": "CVE-2022-21670"
	},
	"Notes": {
		"Note": [
			{
				"_text": "markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characterss could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading."
			},
			{
				"_text": "2022-01-10"
			},
			{
				"_text": "2022-01-10"
			}
		]
	},
	"CVE": {
		"_text": "CVE-2022-21670"
	},
	"References": {
		"Reference": [
			{
				"URL": {
					"_text": "https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c"
				},
				"Description": {
					"_text": "CONFIRM:https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c"
				}
			},
			{
				"URL": {
					"_text": "https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101"
				},
				"Description": {
					"_text": "MISC:https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101"
				}
			}
		]
	}
}