VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Marked Project
>
Marked
> 0.3.1
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-01-14
CVE-2022-21680
Marked is a markdown parser and compiler.
network
low complexity
marked-project
fedoraproject
7.5
7.5
2022-01-14
CVE-2022-21681
Marked is a markdown parser and compiler.
network
low complexity
marked-project
fedoraproject
7.5
7.5
2018-06-07
CVE-2017-16114
Resource Exhaustion vulnerability in Marked Project Marked
The marked module is vulnerable to a regular expression denial of service.
network
low complexity
marked-project
CWE-400
5.0
5.0
2018-05-31
CVE-2016-10531
Cross-site Scripting vulnerability in Marked Project Marked
marked is an application that is meant to parse and compile markdown.
network
marked-project
CWE-79
4.3
4.3
2018-01-02
CVE-2017-1000427
Cross-site Scripting vulnerability in Marked Project Marked
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
network
low complexity
marked-project
CWE-79
6.1
6.1
2017-01-23
CVE-2015-8854
The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service (CPU consumption) via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service (ReDoS)."
network
low complexity
marked-project
fedoraproject
7.5
7.5
2015-01-27
CVE-2015-1370
Unspecified vulnerability in Marked Project Marked
Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks via a vbscript tag in a link.
network
marked-project
4.3
4.3