Description
Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute javascript.
Remediation
References
https://nodesecurity.io/advisories/319
https://github.com/jonschlinkert/remarkable/issues/227
Related Vulnerabilities
CVE-2023-30513 Vulnerability in maven package org.csanchez.jenkins.plugins:kubernetes
CVE-2022-2191 Vulnerability in maven package org.eclipse.jetty:jetty-server
CVE-2021-3503 Vulnerability in maven package org.wildfly:wildfly-metrics
CVE-2023-26126 Vulnerability in npm package m.static
CVE-2022-22965 Vulnerability in maven package org.springframework.boot:spring-boot-starter-webflux