Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2023/04/29 12:0 a.m.17 views

Fedora 38 : rust-askama / rust-askama_shared / rust-comrak (2023-035d5910b9)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-035d5910b9 advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...

9.8CVSS7.8AI score0.01268EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/29 12:0 a.m.17 views

Fedora 37 : rust-askama / rust-askama_shared / rust-comrak (2023-e9243281cb)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-e9243281cb advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...

9.8CVSS7.8AI score0.01268EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/29 12:0 a.m.13 views

Fedora 36 : rust-askama / rust-askama_shared / rust-comrak (2023-b37722768e)

The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-b37722768e advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askamashared crates, which depends on an ancient version of...

9.8CVSS7.8AI score0.01268EPSS
Exploits0References3
NVD
NVD
added 2023/03/28 9:15 p.m.12 views

CVE-2023-28631

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with parsedocument. This AST can then be converted to HTML via html::formatdocumentwithplugins. However, the HTML...

9.8CVSS7.3AI score0.01268EPSS
Exploits0References5
Prion
Prion
added 2023/03/28 9:15 p.m.13 views

Hardcoded credentials

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with parsedocument. This AST can then be converted to HTML via html::formatdocumentwithplugins. However, the HTML...

7.5CVSS9.1AI score0.01268EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/28 8:17 p.m.5 views

CVE-2023-28631 Attacker controlled data in AST nodes is not validated in comrak

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with parsedocument. This AST can then be converted to HTML via html::formatdocumentwithplugins. However, the HTML...

5.3CVSS9.3AI score0.01268EPSS
Exploits0References5
CVE
CVE
added 2023/03/28 8:17 p.m.59 views

CVE-2023-28631

CVE-2023-28631 affects the comrak Markdown parser/renderer (Rust). The issue arises when an AST is constructed manually and later formatted to HTML; the formatter assumes data is valid UTF-8, but some [u8] fields may not be, triggering bugs. Affected version is 0.17.0; remediation per sources is ...

9.8CVSS7.2AI score0.01268EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2023/03/28 8:17 p.m.47 views

CVE-2023-28631 Attacker controlled data in AST nodes is not validated in comrak

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with parsedocument. This AST can then be converted to HTML via html::formatdocumentwithplugins. However, the HTML...

5.3CVSS9.5AI score0.01268EPSS
Exploits0References5
OSV
OSV
added 2023/03/28 8:17 p.m.11 views

CVE-2023-28631 Attacker controlled data in AST nodes is not validated in comrak

comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with parsedocument. This AST can then be converted to HTML via html::formatdocumentwithplugins. However, the HTML...

5.3CVSS8.7AI score0.01268EPSS
Exploits0References7
Rows per page
Query Builder