Vulnerabilities > CVE-2021-43308 - Unspecified vulnerability in Markdown-Link-Extractor Project Markdown-Link-Extractor

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
markdown-link-extractor-project

Summary

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function