Sign In

CVE-2024-1899

ADVISORY - github

Summary

Showdownjs, versions <= 2.1.0, anchors subparser used to parse links has a nested regular expression which can lead to denial of service conditions given malicious input.

EPSS Score: 0.00267 (0.504)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-674

Uncontrolled Recursion

ADVISORY - github

CWE-674

Uncontrolled Recursion

CWE-777

Regular Expression without Anchors

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in