8 matches found
ALSA-2021:1972 Moderate: pandoc security update
Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Security Fixes: cmark-gfm: Exponential time to parse certain inputs could lead to DoS CVE-2020-5238 For more details about the security issues, including the impact, a CVS...
Moderate: pandoc security update
Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Security Fixes: cmark-gfm: Exponential time to parse certain inputs could lead to DoS CVE-2020-5238 For more details about the security issues, including the impact, a CVS...
Fedora: Security Advisory for patat (FEDORA-2020-1eaffe0013)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for pandoc-citeproc (FEDORA-2020-1eaffe0013)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 32 : ghc-cmark-gfm / ghc-hakyll / gitit / pandoc / pandoc-citeproc / etc (2020-1eaffe0013)
Security fix for CVE-2020-5238 - ghc-cmark-gfm updated to 0.2.2 which rebases the bundled cmark-gfm to 0.29.0.gfm.1 - also update hakyll to 4.13.4.0 https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5 -hc85 Note that Tenable Network Security has extracted the preceding...
Fedora: Security Advisory for ghc-hakyll (FEDORA-2020-c39d7a562c)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-5238
The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes On n time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project...
CVE-2020-5238
CVE-2020-5238 affects the GitHub Flavored Markdown table extension (cmark-gfm). The vulnerability is an O(n^2) input parsing time for certain markdown tables, enabling DoS; the upstream cmark project is not affected. The issue has been fixed in version 0.29.0.gfm.1 of the GFM extension. Public do...