3 matches found
CVE-2019-12173
MacDown 0.7.1 870 allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138...
CVE-2019-12173
MacDown 0.7.1 870 allows remote code execution via a file:\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138...
CVE-2019-12173
MacDown 0.7.1 is affected by CVE-2019-12173. The Red Hat advisory and OSV records describe a remote code execution path triggered by a file:\ URI with a ".app" pathname in the HREF of an A element, enabling arbitrary code execution if a crafted note is opened. Affected component is the MacDown vi...