Homepage
About Snyk

snudown@1.0.0 vulnerabilities

placeholder

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the snudown package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Denial of Service (DoS)

snudown is a placeholder

Affected versions of this package are vulnerable to Denial of Service (DoS) via its reference table implementation. References written in markdown [reference_name]: https://www.example.com are inserted into a hash table which was found to have a weak hash function, meaning that an attacker can reliably generate a large number of collisions for it. This makes the hash table vulnerable to a hash-collision DoS attack, a type of algorithmic complexity attack.

Further the hash table allowed for duplicate entries resulting in long retrieval times.

How to fix Denial of Service (DoS)?

A fix was pushed into the master branch but not yet published.

[0,)
Go back to all versions of this package