Description
Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown input, such as deeply nested or repetitively structured brackets or tag attributes, which cause the parser to hang and lead to a Denial of Service.
References (4)
Core 4
Core References
Issue Tracking, Third Party Advisory issue-tracking
https://github.com/markedjs/marked/issues/1070
Issue Tracking, Patch issue-tracking
https://github.com/markedjs/marked/pull/1083
Exploit, Third Party Advisory exploit
https://github.com/Checkmarx/Vulnerabilities-Proofs-of-Concept/tree/main/2018/CVE-2018-25110
Scores
CVSS v3
7.5
EPSS
0.0077
EPSS Percentile
73.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-1333
Status
published
Products (2)
marked_project/marked
< 0.3.17
npm/marked
0 - 0.3.17npm
Published
May 23, 2025
Tracked Since
Feb 18, 2026