9 matches found
Fedora 36 : rust-askama / rust-askama_shared / rust-comrak (2023-b37722768e)
The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-b37722768e advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...
Fedora 38 : rust-askama / rust-askama_shared / rust-comrak (2023-035d5910b9)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-035d5910b9 advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...
Fedora 37 : rust-askama / rust-askama_shared / rust-comrak (2023-e9243281cb)
The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-e9243281cb advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...
CVE-2023-28626
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...
Design/Logic Flaw
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...
CVE-2023-28626 Quadratic runtime when parsing Markdown in comrak
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...
CVE-2023-28626
CVE-2023-28626 affects the comrak crate (Rust) used for CommonMark/GFM parsing. Connected documents confirm the vulnerability is a set of quadratic parsing issues that can cause denial-of-service in services parsing Markdown, with remediation by upgrading to a newer comrak release (addressed in 0...
CVE-2023-28626 Quadratic runtime when parsing Markdown in comrak
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...
CVE-2023-28626 Quadratic runtime when parsing Markdown in comrak
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...