| Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-8854 | 7.8 |
The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service (CPU consumption) via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service (
|
09-02-2024 - 03:01 | 23-01-2017 - 21:59 | |
| CVE-2017-1000427 | 4.3 |
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
|
31-05-2020 - 06:15 | 02-01-2018 - 23:29 |