automatic module_metadata_base.json update

db/modules_metadata_base.json

@@ -5590,6 +5590,33 @@
     "ref_name": "dos/http/ibm_lotus_notes2",
     "check": false
   },
+  "auxiliary_dos/http/marked_redos": {
+    "name": "marked npm module \"heading\" ReDoS",
+    "full_name": "auxiliary/dos/http/marked_redos",
+    "rank": 300,
+    "disclosure_date": null,
+    "type": "auxiliary",
+    "author": [
+      "Adam Cazzolla, Sonatype Security Research",
+      "Nick Starke, Sonatype Security Research"
+    ],
+    "description": "This module exploits a Regular Expression Denial of Service vulnerability\n        in the npm module \"marked\". The vulnerable portion of code that this module\n        targets is in the \"heading\" regular expression. Web applications that use\n        \"marked\" for generating html from markdown are vulnerable. Versions up to\n        0.4.0 are vulnerable.",
+    "references": [
+      "URL-https://blog.sonatype.com/cve-2017-17461-vulnerable-or-not",
+      "CWE-400"
+    ],
+    "is_server": false,
+    "is_client": false,
+    "platform": "",
+    "arch": "",
+    "rport": 80,
+    "targets": null,
+    "mod_time": "2018-08-16 14:59:32 +0000",
+    "path": "/modules/auxiliary/dos/http/marked_redos.rb",
+    "is_install_path": true,
+    "ref_name": "dos/http/marked_redos",
+    "check": false
+  },
   "auxiliary_dos/http/monkey_headers": {
     "name": "Monkey HTTPD Header Parsing Denial of Service (DoS)",
     "full_name": "auxiliary/dos/http/monkey_headers",