| Release | Version |
|---|---|
| jessie | 0.3.2+dfsg-1 |
| stretch | 0.3.6+dfsg-1 |
| buster | 0.5.1+dfsg-1 |
| bullseye | 0.8.0+ds+repack-2 |
| bookworm | 4.2.3+ds+~4.0.7-2 |
| trixie | 4.2.3+ds+~4.0.7-3 |
| sid | 4.2.3+ds+~4.0.7-3 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-21681 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Marked is a markdown parser and compiler. Prior to version 4.0.10, the ... |
| CVE-2022-21680 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Marked is a markdown parser and compiler. Prior to version 4.0.10, the ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-1000427 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | marked version 0.3.6 and earlier is vulnerable to an XSS attack in the ... |
| CVE-2017-16114 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | The marked module is vulnerable to a regular expression denial of serv ... |
| CVE-2016-10531 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | marked is an application that is meant to parse and compile markdown. ... |
| CVE-2015-8854 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The marked package before 0.3.4 for Node.js allows attackers to cause ... |
| CVE-2015-1370 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Nod ... |
| Bug | Description |
|---|---|
| TEMP-0000000-F00632 | node-marked: multiple content injection vulnerabilities |
| CVE-2021-21306 | Marked is an open-source markdown parser and compiler (npm package "ma ... |
| CVE-2014-3743 | Multiple cross-site scripting (XSS) vulnerabilities in the Marked modu ... |