March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Extended Detection and Response (XDR): The Next Big Thing In Security?
January 11, 2022Rewterz Threat Advisory – CVE-2022-23222 – Linux Kernel Vulnerability
January 17, 2022Extended Detection and Response (XDR): The Next Big Thing In Security?
January 11, 2022Rewterz Threat Advisory – CVE-2022-23222 – Linux Kernel Vulnerability
January 17, 2022
Severity
High
Analysis Summary
CVE-2022-21681
Node.js marked module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in inline.reflinkSearch. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2022-21680
Node.js marked module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in block.def. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Affected Vendors
Node.js
Affected Products
- Node.js marked 4.0.9
Remediation
Upgrade to the latest version of Marked, available from the Marked GIT Repository.