Maanvader

**Name of the Vulnerable Software and Affected Versions** basic-ftp versions prior to 5.3.0 **Description** An issue in the Node.js FTP client allows for a denial of service via unbounded memory growth during the processing of directory listings from a remote FTP server. A malicious or compromised server can send an excessively large or infinite listing response to the `Client.list()` function, leading the client process to consume memory until it crashes or becomes unstable. **Recommendations** Update to version 5.3.0.

**Name of the Vulnerable Software and Affected Versions** Marked versions 18.0.0 through 18.0.1 **Description** A Denial of Service (DoS) issue exists in the markdown parser and compiler. An unauthenticated attacker can trigger an infinite recursion loop during parsing by providing a specific 3-byte input sequence consisting of a tab, a vertical tab, and a newline (x09x0b ). This results in unbounded memory allocation, leading to memory exhaustion (OOM) and causing the host Node.js application to crash. **Recommendations** Update to version 18.0.2.