CNNVD-202602-2142 Information
CNNVD ID
CNNVD-202602-2142
Related CVE
- CNNVD Published: 2026-02-12
Description (Chinese)
Markdown-It是Markdown it!开源的一个 Markdown 解析器。 Markdown-It 14.1.1之前版本存在安全漏洞,该漏洞源于linkify函数使用正则表达式,可能导致正则表达式拒绝服务。
Description (English)
Markdown-It is an open source Markdown solver. The previous version of Markdown-It 14.1.1 had a security loophole, which stemmed from the use of regular expressions in the linkify function, which could lead to the rejection of services by regular expressions.
Vulnerability Type
其他
Affected Vendor
Markdown it!
Published
2026-02-12
Last Modified
2026-02-24
References
https://gist.github.com/ltduc147/c9abecae1b291ede4f692f2ab988c917 https://github.com/markdown-it/markdown-it/blob/14.1.0/lib/rules_inline/linkify.mjs%23L33 https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26 https://security.snyk.io/vuln/SNYK-JS-MARKDOWNIT-10666750
Patch
https://github.com/markdown-it/markdown-it/tags
Share on: