Remarkable Project Remarkable — known CVE vulnerabilities
Every CVE whose affected-product data names Remarkable Project Remarkable, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-12041 — CVSS 7.5 (high): lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression Denial of Service (ReDoS) via a CDATA section.
CVE-2014-10065 — CVSS 6.1 (medium): Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing…
CVE-2017-16006 — CVSS 6.1 (medium): Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute…
CVE-2019-12043 — CVSS 6.1 (medium): In remarkable 1.7.1, lib/parser_inline.js mishandles URL filtering, which allows attackers to trigger XSS via unprintable characters, as…