CVE-2019-25103: Regular Expression Denial of Service in simple-markdown
7.5
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.12588%
CWE
Published
2/12/2023
Updated
10/20/2023
KEV Status
No
Technology
JavaScript
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
simple-markdown | npm | < 0.5.2 | 0.5.2 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from the regex pattern used for inline code parsing in simple-markdown.js. The commit diff shows the vulnerable regex had \s* before/after the content capture group ([\s\S]?[^`]), creating ambiguity in space parsing. This ambiguity led to catastrophic backtracking (CWE-1333). The patch removes these \s quantifiers and adds post-processing for spaces, confirming the regex was the root cause. The function is clearly identified in the defaultRules.inlineCode.match property in simple-markdown.js.