Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-22485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document ca...

5.3CVSS5.5AI score0.00723EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2023/01/24 6:12 p.m.35 views

Several quadratic complexity bugs may lead to denial of service in Commonmarker

Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: CVE-2023-22483 CVE-2023-22484 CVE-2023-22485 CVE-2023-22486 For more information, consu...

7.5CVSS4.1AI score0.01108EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2023/01/24 6:12 p.m.29 views

GHSA-636F-XM5J-PJ9M Several quadratic complexity bugs may lead to denial of service in Commonmarker

Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: CVE-2023-22483 CVE-2023-22484 CVE-2023-22485 CVE-2023-22486 For more information, consu...

6.1AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/01/24 1:15 a.m.23 views

CVE-2023-22485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the validateprotocol function. We believe this bug is harmless in practice, because the out-of-bounds...

5.3CVSS6AI score0.00723EPSS
Exploits1References2
CVE
CVE
added 2023/01/24 12:26 a.m.69 views

CVE-2023-22485

CVE-2023-22485 affects cmark-gfm (GitHub’s fork of cmark, C) at versions prior to 0.29.0.gfm.7. The vulnerability is an out-of-bounds read in the validate_protocol function caused by parsing crafted Markdown; impact is described as benign in practice, reading malloc metadata without visible damag...

5.3CVSS5.4AI score0.00723EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/01/24 12:26 a.m.31 views

CVE-2023-22485 cmark-gfm out-of-bounds read in validate_protocol

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the validateprotocol function. We believe this bug is harmless in practice, because the out-of-bounds...

5.3CVSS5.8AI score0.00723EPSS
Exploits1References1
Rows per page
Query Builder