Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

PT-2021-5816

🗓️ 14 Mar 2021 00:00:00Reported by Positive TechnologiesType 
ptsecurity
 ptsecurity🔗 dbugs.ptsecurity.com👁 1 Views

Kramdown before 2.3.1 allows arbitrary Rouge formatters, risking data exposure and service denial.

Related
Refs
ReporterTitlePublishedViews
Family
FreeBSD		kramdown -- template option vulnerability
28 Jun 202000:00
freebsd
FreeBSD		Gitlab -- Multiple Vulnerabilities
5 Aug 202000:00
freebsd
AlpineLinux		CVE-2020-14001
17 Jul 202015:27
alpinelinux
AstraLinux		 Astra Linux - уязвимость в ruby-kramdown
20 May 202605:53
astralinux
BDU FSTEC		The vulnerability of the kramdown gem interpreter for Ruby, allowing a hacker to execute arbitrary code.
23 Jun 202100:00
bdu_fstec
BDU FSTEC		The vulnerability of the Rouge formatting tool, a program for grammatical analysis and format conversion of Markdown Kramdown, arises from the use of externally controlled input data for class selection. This allows attackers to access confidential data, compromise its integrity, and cause service failures.
20 Jan 202200:00
bdu_fstec
Circl		CVE-2021-28834
10 Nov 202322:46
circl
CNNVD		Thomas Leitner kramdown 安全漏洞
19 Mar 202100:00
cnnvd
CVE		CVE-2020-14001
17 Jul 202015:27
cve
CVE		CVE-2021-28834
19 Mar 202106:51
cve
Rows per page
SourceLink
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/SYOLQKFL6IJCQLBXV34Z4TI4O54GESPR
cvewww.cve.org/CVERecord
gitlabwww.gitlab.com/gitlab-org/gitlab/-/commit/179329b5c3c118924fb242dc449d06b4ed6ccb66
osvwww.osv.dev/vulnerability/openSUSE-SU-2026:10352-1
twww.t.me/cvenotify/11575
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/S3BBLUIDCUUR3NEE4NJLOCCAV3ALQ3O6
githubwww.github.com/gettalong/kramdown/compare/REL_2_3_0...REL_2_3_1
xn--80ahaefyxhnwww.xn--80ahaefyxhn.xn--j1afgaq.xn--p1ai/bin/view/%D0%9E%D0%A1%D0%BD%D0%BE%D0%B2%D0%B0/%D0%9E%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F/2.1
susewww.suse.com/security/cve/CVE-2021-28834
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S3BBLUIDCUUR3NEE4NJLOCCAV3ALQ3O6
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Mar 2026 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 3.19.8
CVSS 27.5
EPSS0.07509
kramdown vulnerabilityrouge formattersarbitrary class instantiationdenial of servicedata exposure
1