A Regular expression Denial of Service (ReDoS) vulnerability in the file marked.js of the marked npm package (tested on version 0.3.7) allows a remote attacker to overload and crash a server by passing a maliciously crafted string. References: https://www.checkmarx.com/advisories/regular-expression-denial-service-redos-vulnerability-marked-npm-package/
Created marked tracking bugs for this issue: Affects: epel-all [bug 1524582] Affects: fedora-all [bug 1524583]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.