Description
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function
Remediation
References
https://research.jfrog.com/vulnerabilities/markdown-link-extractor-redos-xray-211350/
Related Vulnerabilities
CVE-2020-7676 Vulnerability in npm package angular
CVE-2021-43306 Vulnerability in maven package org.webjars.npm:jquery-validation
CVE-2020-5231 Vulnerability in maven package org.opencastproject:opencast-kernel
CVE-2016-10735 Vulnerability in maven package org.webjars:bootstrap-sass
CVE-2023-40817 Vulnerability in maven package org.opencrx:opencrx-core-models