org.webjars:marked@0.3.2 vulnerabilities

  • latest version

    0.3.2-1

  • first published

    11 years ago

  • latest version published

    10 years ago

  • Direct Vulnerabilities

    Known vulnerabilities in the org.webjars:marked package. This does not include vulnerabilities belonging to this package’s dependencies.

    Severity / Vulnerability / Vulnerable version range
    • M
    Regular Expression Denial of Service (ReDoS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when unsanitized user input is passed to block.def.

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • M
    Regular Expression Denial of Service (ReDoS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when passing unsanitized user input to inline.reflinkSearch, if it is not being parsed by a time-limited worker thread.

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • M
    Regular Expression Denial of Service (ReDoS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). The em regex in the src/rules.js file has multiple unused capture groups, which could lead to a denial of service if user input reaches it.

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • M
    Regular Expression Denial of Service (ReDoS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). A Denial of Service condition could be triggered through exploitation of the heading regex.

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • M
    Regular Expression Denial of Service (ReDoS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). The inline.text regex may take quadratic time to scan for potential email addresses starting at every point.

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • H
    Regular Expression Denial of Service (ReDoS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). Matching input of about 150 characters can take around 10 seconds.

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • H
    Cross-site Scripting (XSS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Browsers accept both lowercase and uppercase x in the hexadecimal form of an HTML character entity (&#x3a; and &#X3a;), but marked only unescaped the lowercase form.

    This may allow an attacker to create a link containing JavaScript code.

    For example:

    var marked = require('marked');
    marked.setOptions({
      renderer: new marked.Renderer(),
      sanitize: true
    });
    
    // Two links with the same javascript: destination; only the entity case differs.
    var text = `
    lower[click me](javascript:...)lower
    upper[click me](javascript:...)upper
    `;
    
    console.log(marked(text));
    

    will render the following:

    <p>lowerlower
    upper<a href="javascript&#X3a;...">click me</a>upper</p>
    

    How to fix Cross-site Scripting (XSS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • M
    Cross-site Scripting (XSS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS). When mangling is disabled via the mangle option, marked doesn't escape the target href. This may allow an attacker to inject arbitrary HTML event-handler attributes into the resulting <a> tag.

    For example:

    var marked = require('marked');
    marked.setOptions({
      renderer: new marked.Renderer(),
      sanitize: true,
      mangle: false
    });
    
    // An autolink whose "address" carries a double quote and an event handler.
    var text = `
    <bar"onclick="alert('XSS')"@foo>
    `;
    
    console.log(marked(text));
    

    will render:

    <p><a href="mailto:bar"onclick="alert('XSS')"@foo">bar"onclick="alert('XSS')"@foo</a></p>
    

    How to fix Cross-site Scripting (XSS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • H
    Regular Expression Denial of Service (ReDoS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when parsing the input markdown content (1,000 characters costs around 6 seconds matching time).

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • H
    Cross-site Scripting (XSS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Data URIs embed small files inline in HTML documents, with the content carried in the URL itself. Attackers can craft malicious web pages containing either HTML or script code that uses the data URI scheme, allowing them to bypass access controls or steal sensitive information.

    An example of a data URI used to deliver JavaScript code; the payload is a <script>alert('XSS')</script> tag in base64 encoding:

    [xss link](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)
    

    How to fix Cross-site Scripting (XSS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • H
    Cross-site Scripting (XSS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS). An attacker could bypass its output sanitization (sanitize: true) protection. Using HTML character references, attackers can inject javascript: code snippets into the output. For example, the input javascript&#x58document;alert&#40;1&#41; will result in alert(1) being executed when the user clicks on the link.

    How to fix Cross-site Scripting (XSS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • H
    Regular Expression Denial of Service (ReDoS)

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when certain types of input are passed in to be parsed.

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for org.webjars:marked.

    [0,)
    • M
    VBScript Content Injection

    org.webjars:marked is a low-level compiler for parsing markdown without caching or blocking for long periods of time.

    Affected versions of this package are vulnerable to VBScript Content Injection. For example, the input

    [xss link](vbscript:alert(1&#41;)

    produces the link

    <a href="vbscript:alert(1)">xss link</a>

    This script does not work in IE 11 edge mode, but works in IE 10 compatibility view.

    How to fix VBScript Content Injection?

    There is no fixed version for org.webjars:marked.

    [0,)