Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ckeditor5\-Engine
(Ckeditor)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-29 | CVE-2021-21391 | CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media-embed, ckeditor5-paste-from-office, and ckeditor5-widget. Following an internal audit, a regular expression denial of service (ReDoS) vulnerability has been discovered in multiple CKEditor 5 packages. The vulnerability allowed to abuse particular regular expressions, which could cause a... | Ckeditor5\-Engine, Ckeditor5\-Font, Ckeditor5\-Image, Ckeditor5\-List, Ckeditor5\-Markdown\-Gfm, Ckeditor5\-Media\-Embed, Ckeditor5\-Paste\-From\-Office, Ckeditor5\-Widget | 6.5 |