CVE-2024-1899

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-1899

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1899.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-1899

Aliases

GHSA-rmmh-p597-ppvv

Published

2024-02-26T19:15:07.037Z

Modified

2026-05-05T16:11:40.720743539Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

An issue in the anchors subparser of Showdownjs versions <= 2.1.0 could allow a remote attacker to cause denial of service conditions.

References

https://www.tenable.com/security/research/tra-2024-05

Affected packages

Git / github.com/showdownjs/showdown

Affected ranges

Type

GIT

Repo

https://github.com/showdownjs/showdown

Events

Introduced

Last affected

9958ba5cfaf01c93ea9e1a48650fb3074eff98ce

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.1.0"
        }
    ]
}

Affected versions

0.*

0.4.0

0.5.0

0.5.1

1.*

1.0.0

1.0.0-alpha.2

1.0.0-alpha1

1.0.1

1.0.2

1.1.0

1.2.0

1.2.1

1.2.2

1.3.0

1.4.0

1.4.2

1.4.3

1.4.4

1.5.0

1.5.1

1.5.2

1.5.3

1.5.4

1.5.5

1.6.0

1.6.1

1.6.2

1.6.3

1.6.4

1.7.0

1.7.1

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.8.0

1.8.1

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.9.0

1.9.1

2.*

2.0.0

2.0.0-alpha

2.0.1

2.0.2

2.0.3

2.0.4

2.1.0

v0.*

v0.3.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1899.json"