CVE-2019-12041

描述

lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression Denial of Service (ReDoS) via a CDATA section.

受影響套件(1)

• npm/remarkablefrom 0, < 1.7.2

CVSS 分數

參考連結(5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-12041
• WEBhttps://github.com/jonschlinkert/remarkable/commit/287dfbf22e70790c8b709ae37a5be0523597673c
• WEBhttps://github.com/jonschlinkert/remarkable/issues/331
• WEBhttps://github.com/jonschlinkert/remarkable/pull/335#issuecomment-515958379
• WEBhttps://snyk.io/vuln/SNYK-JS-REMARKABLE-174639