PT-2022-15024 · Unknown · Markdown-It

Makenowjust +1 · Published 2022-01-10 · Updated 2023-07-24 · CVE-2022-21670

CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions: markdown-it versions prior to 12.3.2
Description: The issue concerns a Markdown parser that can be significantly slowed down by special patterns with lengths greater than 50 thousand characters. No known real-world incidents and no estimate of the number of affected devices are provided.
Recommendations: For versions prior to 12.3.2, upgrade to version 12.3.2 or later to receive the patch. There are no known workarounds aside from upgrading, so applying this update is essential to mitigate the issue.

Exploit

Fix

Resource Exhaustion

DoS

Weakness Enumeration

Related Identifiers

CVE-2022-21670
GHSA-6VFC-QV3F-VR6C

Affected Products

Markdown-It