markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.
References
Configurations
History
07 Nov 2023, 03:31
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1333 |
Information
Published : 2021-03-03 16:15
Updated : 2024-02-28 18:08
NVD link : CVE-2021-26813
Mitre link : CVE-2021-26813
CVE.ORG link : CVE-2021-26813
JSON object : View
Products Affected
fedoraproject
- fedora
markdown2_project
- markdown2
CWE
CWE-1333
Inefficient Regular Expression Complexity