Uncontrolled Resource Consumption in markdown-it #1269

Closed
palisadoes opened this issue Mar 14, 2022 · 0 comments

Labels
bug (Something isn't working), good first issue (Good for newcomers), security (Security fix), unapproved (Unapproved, needs to be triaged)

Comments

@palisadoes
Contributor

Describe the bug
Special patterns with length > 50K chars can slow down the parser significantly.

  • This vulnerability may be due to a package or a dependency of this package that we are not using. This needs to be considered.

To Reproduce
See screenshot

Expected behavior
Normal parsing velocity

How to fix
Upgrade to v12.3.2+

Screenshots
image

Additional details

@palisadoes added the bug, good first issue and security labels Mar 14, 2022
@github-actions bot added the unapproved label Mar 14, 2022
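
The issue notes that the affected markdown-it copy may arrive through a dependency and that the fix is to upgrade to v12.3.2+. The following added example (not code from this project or from markdown-it) scans a parsed npm `package-lock.json` for every markdown-it copy below that version; the helper names and the sample lockfile are hypothetical and constructed for illustration.

```javascript
// Added example. FIXED comes from the issue's "Upgrade to v12.3.2+".
const FIXED = [12, 3, 2];
// "12.3.2-beta.1" -> [12, 3, 2]; returns null for git URLs, tarballs, etc.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

function isBelow(v, floor) {
  for (let i = 0; i < 3; i++) {
    if (v[i] !== floor[i]) return v[i] < floor[i];
  }
  return false; // equal to the fixed release
}

// Hypothetical helper: takes a parsed package-lock.json object and returns
// every markdown-it copy (direct or nested) older than FIXED.
// Versions that cannot be parsed are also returned, for manual review.
function findOldMarkdownIt(lock) {
  const hits = [];
  const check = (path, version) => {
    const parsed = parseVersion(version);
    if (!parsed || isBelow(parsed, FIXED)) hits.push({ path, version });
  };
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (/(^|\/)node_modules\/markdown-it$/.test(path)) check(path, meta.version);
  }
  // lockfileVersion 1: nested "dependencies" tree (skipped when "packages" exists).
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = trail.concat(name);
      if (name === 'markdown-it') check(here.join(' > '), meta.version);
      walk(meta.dependencies, here);
    }
  };
  if (!lock.packages) walk(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfile, not taken from the project in the issue.
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    'node_modules/markdown-it': { version: '12.3.2' },
    'node_modules/some-editor/node_modules/markdown-it': { version: '10.0.0' },
    'node_modules/markdown-it-emoji': { version: '2.0.0' },
  },
};
console.log(findOldMarkdownIt(sampleLock));
```

Only the nested 10.0.0 copy is reported for the sample; a nested copy like this is the case the issue's note about dependencies describes, and it stays on the old version until the parent package is upgraded or the dependency is overridden.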