Known Vulnerabilities for products from Marked Project
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Marked Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41680 json | Marked is a markdown parser and compiler. From 18.0.0 to 18.0.1, a critical Denial of Service (DoS) vulnerability exists in m... | Not Provided | 2026-04-24 | 2026-04-28 |
| CVE-2022-21681 json | Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause ca... | 7.5 - HIGH | 2022-01-14 | 2023-11-07 |
| CVE-2022-21680 json | Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic ... | 7.5 - HIGH | 2022-01-14 | 2023-11-07 |
| CVE-2021-21306 json | Marked is an open-source markdown parser and compiler (npm package "marked"). In marked from version 1.1.1 and before version... | 7.5 - HIGH | 2021-02-08 | 2021-02-11 |
| CVE-2017-1000427 json | marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser. | 6.1 - MEDIUM | 2018-01-02 | 2023-11-07 |
| CVE-2017-16114 json | The marked module is vulnerable to a regular expression denial of service. Based on the information published in the public i... | 7.5 - HIGH | 2018-06-07 | 2019-10-09 |
| CVE-2016-10531 json | marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses inp... | 6.1 - MEDIUM | 2018-05-31 | 2019-10-09 |
| CVE-2015-8854 json | The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service (CPU consumption) via unspecified v... | Not Provided | 2017-01-23 | 2025-04-20 |
| CVE-2015-1370 json | Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Node.js allows remote attackers to conduct cross-site scri... | Not Provided | 2015-01-27 | 2026-05-06 |
| CVE-2014-3743 json | Multiple cross-site scripting (XSS) vulnerabilities in the Marked module before 0.3.1 for Node.js allow remote attackers to i... | 6.1 - MEDIUM | 2020-01-06 | 2020-01-13 |
Known software with vulnerabilities from Marked Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Marked Project | Marked | 0.0.1 |