CVE-2022-21670
- Reference to the description:
- Description:
- markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characterss could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading.
- Last updated date:
- 07/24/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/18/2022
- Reference url to background
https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c