Ubuntu: Security Advisory (USN-7319-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7319-1 cmark-gfm vulnerabilities

It was discovered that cmark-gfm's autolink extension did not correctly handle parsing large inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-39209 It was discovered that cmark-gfm did not...

GHSA-48WP-P9QV-4J64 Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service

Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: CVE-2023-24824 CVE-2023-26485 For more information, consult the release notes for versi...

Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service

Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: CVE-2023-24824 CVE-2023-26485 For more information, consult the release notes for versi...

CVE-2023-26485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...

CVE-2023-26485 Quadratic complexity may lead to a denial of service in cmark-gfm

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...

CVE-2023-26485

CVE-2023-26485 affects cmark-gfm (GitHub’s fork of cmark) and causes a polynomial-time denial-of-service when parsing inputs with very large sequences of underscores, due to a quadratic complexity in parsing. The issue has been addressed in version 0.29.0.gfm.10 ; upgrading to this version (or ap...

CVE-2023-26485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...