Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2023/04/29 12:0 a.m.13 views

Fedora 36 : rust-askama / rust-askama_shared / rust-comrak (2023-b37722768e)

The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-b37722768e advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...

9.8CVSS7.8AI score0.01268EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/29 12:0 a.m.17 views

Fedora 38 : rust-askama / rust-askama_shared / rust-comrak (2023-035d5910b9)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-035d5910b9 advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...

9.8CVSS7.8AI score0.01268EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/29 12:0 a.m.17 views

Fedora 37 : rust-askama / rust-askama_shared / rust-comrak (2023-e9243281cb)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-e9243281cb advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...

9.8CVSS7.8AI score0.01268EPSS
Exploits0References3
NVD
NVD
added 2023/03/28 9:15 p.m.10 views

CVE-2023-28626

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...

7.5CVSS6.2AI score0.0112EPSS
Exploits0References5
Prion
Prion
added 2023/03/28 9:15 p.m.11 views

Design/Logic Flaw

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...

5CVSS8.2AI score0.0112EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2023/03/28 8:14 p.m.41 views

CVE-2023-28626 Quadratic runtime when parsing Markdown in comrak

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...

5.3CVSS8.6AI score0.0112EPSS
Exploits0References5
CVE
CVE
added 2023/03/28 8:14 p.m.57 views

CVE-2023-28626

CVE-2023-28626 affects the comrak crate (Rust) used for CommonMark/GFM parsing. Connected documents confirm the vulnerability is a set of quadratic parsing issues that can cause denial-of-service in services parsing Markdown, with remediation by upgrading to a newer comrak release (addressed in 0...

7.5CVSS6.1AI score0.0112EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/28 8:14 p.m.6 views

CVE-2023-28626 Quadratic runtime when parsing Markdown in comrak

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...

5.3CVSS6.6AI score0.0112EPSS
Exploits0References5
OSV
OSV
added 2023/03/28 8:14 p.m.11 views

CVE-2023-28626 Quadratic runtime when parsing Markdown in comrak

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in version 0.17.0. Use...

5.3CVSS7.4AI score0.0112EPSS
Exploits0References7
Rows per page
Query Builder