18 matches found
EUVD-2022-41748
Malicious code in bioql PyPI...
Fedora 39 : ghostwriter (2023-d1e9e62a92)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-d1e9e62a92 advisory. Automatic update for ghostwriter-23.03.90-2.fc39. Changelog Sat Apr 1 2023 Vitaly Zaitsev - 23.03.90-2 - Switched to Ninja. - Explicitly set Release...
RSEC-2023-7 Denial of Service (DoS) and Arbitrary Code Execution (ACE) vulnerabilities
cmark-gfm, GitHub's extended CommonMark library, has multiple vulnerabilities. Versions prior to 0.29.0.gfm.6 suffer from a polynomial time complexity issue in the autolink extension, causing denial of service. Also, versions before 0.29.0.gfm.3 and 0.28.3.gfm.21 contain an integer overflow in...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the validateprotocol function in extensions/autolink.c, which exposes malloc metadata. NOTE: The maintainers believe this is harmless. PoC sh echo "to:[email protected]" | ./src/cmark-gfm -e autolink Remediation...
Fedora 35 : ghc-cmark-gfm (2022-f1aed93db8)
The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f1aed93db8 advisory. updates the C library to 0.29.0.gfm.6 which fixes CVE-2022-39209 Tenable has extracted the preceding description block directly from the Fedora...
CVE-2022-39209
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...
GHSA-4QW4-JPP4-8GVP Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service
Impact CommonMarker uses cmark-gfm for rendering Github Flavored Markdown. A polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Patches This vulnerability has been patched in the following CommonMarker...
Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service
Impact CommonMarker uses cmark-gfm for rendering Github Flavored Markdown. A polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Patches This vulnerability has been patched in the following CommonMarker...
PT-2022-28194 · Unknown +1 · Commonmarker +1
Name of the Vulnerable Software and Affected Versions: CommonMarker versions prior to 0.23.6 Description: A polynomial time complexity issue in the autolink extension of cmark-gfm, used by CommonMarker for rendering Github Flavored Markdown, may lead to unbounded resource exhaustion and subsequen...
CVE-2022-39209
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...
Code injection
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...
CVE-2022-39209 Uncontrolled Resource Consumption in cmark-gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...
CVE-2022-39209
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...
CVE-2022-39209 Uncontrolled Resource Consumption in cmark-gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...
CVE-2022-39209 Uncontrolled Resource Consumption in cmark-gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...
GitHub: DoS via markdown API from unauthenticated user
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...
Updated ruby-redcarpet packages fix a security vulnerability
Updated ruby-redcarpet packages fix security vulnerability: Redcarpet allows for possible XSS of untrusted markdown if the autolink extension is enabled...
MGASA-2015-0206 Updated ruby-redcarpet packages fix a security vulnerability
Updated ruby-redcarpet packages fix security vulnerability: Redcarpet allows for possible XSS of untrusted markdown if the autolink extension is enabled...