32 matches found
EUVD-2020-26457
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-5238
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table...
[SECURITY] Fedora 39 Update: rust-comrak-0.18.0-4.fc39
A 100% CommonMark-compatible GitHub Flavored Markdown parser and formatter...
Fedora: Security Advisory for rust-comrak (FEDORA-2023-035d5910b9)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-comrak (FEDORA-2023-e9243281cb)
The remote host is missing an update for the...
[SECURITY] Fedora 37 Update: rust-comrak-0.18.0-1.fc37
A 100% CommonMark-compatible GitHub Flavored Markdown parser and formatter...
[SECURITY] Fedora 38 Update: rust-comrak-0.18.0-1.fc38
A 100% CommonMark-compatible GitHub Flavored Markdown parser and formatter...
DEBIAN-CVE-2023-24824
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...
CVE-2023-26485 Quadratic complexity may lead to a denial of service in cmark-gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...
SUSE CVE-2020-5238
The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project...
Markdown Preview Enhanced OS Command Injection Vulnerability
Markdown Preview Enhanced is a super-powerful markdown extension by individual developer Yiyi Wang. A security vulnerability exists in Markdown Preview Enhanced versions v0.6.5, v0.19.6. An attacker can exploit this vulnerability to execute arbitrary commands during GFM export...
[SECURITY] Fedora 37 Update: ghc-cmark-gfm-0.2.5-1.fc37
This package provides Haskell bindings for libcmark-gfm, the reference parser for GitHub Flavored Markdown, a fully specified variant of Markdown. It includes sources for libcmark-gfm 0.29.0.gfm.6 and does not require prior installation of the C library...
[SECURITY] Fedora 35 Update: ghc-cmark-gfm-0.2.5-1.fc35
This package provides Haskell bindings for libcmark-gfm, the reference parser for GitHub Flavored Markdown, a fully specified variant of Markdown. It includes sources for libcmark-gfm 0.29.0.gfm.6 and does not require prior installation of the C library...
[SECURITY] Fedora 34 Update: ghc-cmark-gfm-0.2.3-1.fc34
This package provides Haskell bindings for libcmark-gfm, the reference parser for GitHub Flavored Markdown, a fully specified variant of Markdown. It includes sources for libcmark-gfm 0.29.0.gfm.3 and does not require prior installation of the C library...
[SECURITY] Fedora 36 Update: ghc-cmark-gfm-0.2.3-1.fc36
This package provides Haskell bindings for libcmark-gfm, the reference parser for GitHub Flavored Markdown, a fully specified variant of Markdown. It includes sources for libcmark-gfm 0.29.0.gfm.3 and does not require prior installation of the C library...
[SECURITY] Fedora 35 Update: ghc-cmark-gfm-0.2.3-1.fc35
This package provides Haskell bindings for libcmark-gfm, the reference parser for GitHub Flavored Markdown, a fully specified variant of Markdown. It includes sources for libcmark-gfm 0.29.0.gfm.3 and does not require prior installation of the C library...
GHSA-FMX4-26R3-WXPF Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption
Impact: CommonMarker uses cmark-gfm for rendering GitHub Flavored Markdown. An integer overflow in cmark-gfm's table row parsing may lead to heap memory corruption when parsing tables whose marker rows contain more than UINT16_MAX columns. The impact of this heap corruption ranges from Information...
Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption
Impact: CommonMarker uses cmark-gfm for rendering GitHub Flavored Markdown. An integer overflow in cmark-gfm's table row parsing may lead to heap memory corruption when parsing tables whose marker rows contain more than UINT16_MAX columns. The impact of this heap corruption ranges from Information...
Denial Of Service (DoS)
pandoc is vulnerable to denial of service. The table extension in GitHub Flavored Markdown takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service...
PT-2020-10894 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: NetBox versions 2.6.2 and earlier. Description: The issue allows an authenticated user to conduct a cross-site scripting (XSS) attack against an admin via a GFM-rendered field. This can be demonstrated by the "/dcim/sites/add/" endpoint,...