Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-41748

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.01641EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.13 views

Fedora 39 : ghostwriter (2023-d1e9e62a92)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-d1e9e62a92 advisory. Automatic update for ghostwriter-23.03.90-2.fc39. Changelog Sat Apr 1 2023 Vitaly Zaitsev - 23.03.90-2 - Switched to Ninja. - Explicitly set Release...

7.5CVSS6.7AI score0.01641EPSS
Exploits0References2
OSV
OSV
added 2023/10/06 5:0 a.m.60 views

RSEC-2023-7 Denial of Service (DoS) and Arbitrary Code Execution (ACE) vulnerabilities

cmark-gfm, GitHub's extended CommonMark library, has multiple vulnerabilities. Versions prior to 0.29.0.gfm.6 suffer from a polynomial time complexity issue in the autolink extension, causing denial of service. Also, versions before 0.29.0.gfm.3 and 0.28.3.gfm.21 contain an integer overflow in...

9.8CVSS8.3AI score0.04192EPSS
Exploits3References3
Snyk
Snyk
added 2023/01/24 12:19 p.m.3 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the validateprotocol function in extensions/autolink.c, which exposes malloc metadata. NOTE: The maintainers believe this is harmless. PoC sh echo "to:[email protected]" | ./src/cmark-gfm -e autolink Remediation...

5.3CVSS7AI score0.00723EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/12/22 12:0 a.m.29 views

Fedora 35 : ghc-cmark-gfm (2022-f1aed93db8)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f1aed93db8 advisory. updates the C library to 0.29.0.gfm.6 which fixes CVE-2022-39209 Tenable has extracted the preceding description block directly from the Fedora...

7.5CVSS6.8AI score0.01641EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2022/09/28 6:8 p.m.31 views

CVE-2022-39209

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

6.5CVSS3AI score0.01641EPSS
Exploits0References3
OSV
OSV
added 2022/09/21 6:18 p.m.15 views

GHSA-4QW4-JPP4-8GVP Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service

Impact CommonMarker uses cmark-gfm for rendering Github Flavored Markdown. A polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Patches This vulnerability has been patched in the following CommonMarker...

7AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/09/21 6:18 p.m.23 views

Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service

Impact CommonMarker uses cmark-gfm for rendering Github Flavored Markdown. A polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Patches This vulnerability has been patched in the following CommonMarker...

0.7AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/21 12:0 a.m.7 views

PT-2022-28194 · Unknown +1 · Commonmarker +1

Name of the Vulnerable Software and Affected Versions: CommonMarker versions prior to 0.23.6 Description: A polynomial time complexity issue in the autolink extension of cmark-gfm, used by CommonMarker for rendering Github Flavored Markdown, may lead to unbounded resource exhaustion and subsequen...

7.2AI score
Exploits0References5
NVD
NVD
added 2022/09/15 6:15 p.m.19 views

CVE-2022-39209

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

7.5CVSS0.01641EPSS
Exploits0References6
Prion
Prion
added 2022/09/15 6:15 p.m.16 views

Code injection

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

4CVSS6.3AI score0.01641EPSS
Exploits0References6Affected Software2
Vulnrichment
Vulnrichment
added 2022/09/15 12:0 a.m.6 views

CVE-2022-39209 Uncontrolled Resource Consumption in cmark-gfm

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

7.5CVSS7.3AI score0.01641EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2022/09/15 12:0 a.m.37 views

CVE-2022-39209

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

7.5CVSS6.5AI score0.01641EPSS
Exploits0
OSV
OSV
added 2022/09/15 12:0 a.m.26 views

CVE-2022-39209 Uncontrolled Resource Consumption in cmark-gfm

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

7.5CVSS6.3AI score0.01641EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/09/15 12:0 a.m.39 views

CVE-2022-39209 Uncontrolled Resource Consumption in cmark-gfm

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

7.5CVSS7.6AI score0.01641EPSS
Exploits0References6
Hacker One
Hacker One
added 2022/06/29 8:12 p.m.23 views

GitHub: DoS via markdown API from unauthenticated user

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

4CVSS2.9AI score0.01641EPSS
Exploits0
Mageia
Mageia
added 2015/05/11 8:10 p.m.21 views

Updated ruby-redcarpet packages fix a security vulnerability

Updated ruby-redcarpet packages fix security vulnerability: Redcarpet allows for possible XSS of untrusted markdown if the autolink extension is enabled...

3.1AI score
Exploits0References2
OSV
OSV
added 2015/05/11 8:10 p.m.4 views

MGASA-2015-0206 Updated ruby-redcarpet packages fix a security vulnerability

Updated ruby-redcarpet packages fix security vulnerability: Redcarpet allows for possible XSS of untrusted markdown if the autolink extension is enabled...

6.4AI score
Exploits0References3
Rows per page
Query Builder