Ubuntu: Security Advisory (USN-7319-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7319-1 cmark-gfm vulnerabilities

It was discovered that cmark-gfm's autolink extension did not correctly handle parsing large inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-39209 It was discovered that cmark-gfm did not...

GHSA-636F-XM5J-PJ9M Several quadratic complexity bugs may lead to denial of service in Commonmarker

Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: CVE-2023-22483 CVE-2023-22484 CVE-2023-22485 CVE-2023-22486 For more information, consu...

Several quadratic complexity bugs may lead to denial of service in Commonmarker

Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: CVE-2023-22483 CVE-2023-22484 CVE-2023-22485 CVE-2023-22486 For more information, consu...

CVE-2023-22483

CVE-2023-22483 affects cmark-gfm, GitHub’s fork of the CommonMark C library. The issue is a set of polynomial-time complexity vulnerabilities in cmark-gfm that can cause unbounded resource exhaustion and denial of service when parsing large inputs, affecting versions prior to 0.29.0.gfm.7. Severa...