CVE-2022-21670

Published January 10th, 2022

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characterss could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading.

markdown-it/markdown-it

Markdown parser, done right. 100% CommonMark support, extensions, syntax plugins & high speed

GitHub

21.6K