---

CVE-2021-21306 - log back

CVE-2021-21306 edited at 04 May 2021 10:36:59
Severity	- Low + Medium

CVE-2021-21306 edited at 04 May 2021 10:36:38
Remote	- Local + Remote

CVE-2021-21306 edited at 08 Feb 2021 23:11:04
Severity	- Unknown + Low
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	+ In marked from version 1.1.1 and before version 2.0.0, there is a Regular expression Denial of Service vulnerability. This vulnerability can affect anyone who runs user generated code through marked. This vulnerability is fixed in version 2.0.0.
References	+ https://github.com/markedjs/marked/security/advisories/GHSA-4r62-v4vq-hr96 + https://github.com/markedjs/marked/issues/1927 + https://github.com/markedjs/marked/pull/1864 + https://github.com/markedjs/marked/commit/7293251c438e3ee968970f7609f1a27f9007bccd
Notes

CVE-2021-21306 created at 08 Feb 2021 23:08:55