Vulnerabilities > Marked Project

DATE CVE VULNERABILITY TITLE RISK
2022-01-14 CVE-2022-21680 Marked is a markdown parser and compiler.
network
low complexity
marked-project fedoraproject
7.5
2022-01-14 CVE-2022-21681 Marked is a markdown parser and compiler.
network
low complexity
marked-project fedoraproject
7.5
2021-02-08 CVE-2021-21306 Resource Exhaustion vulnerability in Marked Project Marked
Marked is an open-source markdown parser and compiler (npm package "marked").
network
low complexity
marked-project CWE-400
7.5
2020-01-06 CVE-2014-3743 Cross-site Scripting vulnerability in Marked Project Marked
Multiple cross-site scripting (XSS) vulnerabilities in the Marked module before 0.3.1 for Node.js allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) gfm codeblocks (language) or (2) javascript url's.
network
low complexity
marked-project CWE-79
6.1
2018-06-07 CVE-2017-16114 Resource Exhaustion vulnerability in Marked Project Marked
The marked module is vulnerable to a regular expression denial of service.
network
low complexity
marked-project CWE-400
7.5
2018-05-31 CVE-2016-10531 Cross-site Scripting vulnerability in Marked Project Marked
marked is an application that is meant to parse and compile markdown.
network
low complexity
marked-project CWE-79
6.1
2018-01-02 CVE-2017-1000427 Cross-site Scripting vulnerability in Marked Project Marked
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
network
low complexity
marked-project CWE-79
6.1
2017-01-23 CVE-2015-8854 The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service (CPU consumption) via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service (ReDoS)."
network
low complexity
marked-project fedoraproject
7.5