
8 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in ruby-kramdown

Before version 2.3.1, Kramdown did not restrict Rouge formatters to the Rouge::Formatters namespace, allowing arbitrary classes to be instantiated...

CVSS 9.8, AI score 7.4, EPSS 0.0259
Exploits: 1, References: 1
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-0603

Malware in sbrugna...

CVSS 9.8, AI score 9.2, EPSS 0.0259
Exploits: 1, References: 17
Tenable Nessus
added 2025/08/24 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-14001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access such as...

CVSS 9.8, AI score 8.2, EPSS 0.07509
Exploits: 0, References: 2
Github Security Blog
added 2021/03/29 4:30 p.m., 59 views

Remote code execution in Kramdown

Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated...

CVSS 9.8, AI score 6.7, EPSS 0.0259
Exploits: 1, References: 12, Affected Software: 1
Debian CVE
added 2021/03/19 6:51 a.m., 21 views

CVE-2021-28834

Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated...

CVSS 9.8, AI score 9.5, EPSS 0.0259
Exploits: 1
CNNVD
added 2021/03/19 12:0 a.m., 2 views

Thomas Leitner kramdown security vulnerability

Thomas Leitner kramdown is an open source application by Thomas Leitner. It provides a fast pure-Ruby Markdown superset converter, using a strict syntax definition and support for several common extensions. A security vulnerability exists in Kramdown before 2.3.1 because Kramdown does not restrict the...

CVSS 9.8, AI score 8.2, EPSS 0.0259
Exploits: 1, References: 10
Positive Technologies
added 2021/03/14 12:0 a.m., 2 views

PT-2021-5816

Name of the Vulnerable Software and Affected Versions: Kramdown versions prior to 2.3.1. Description: The issue is related to the lack of restriction of Rouge formatters to the Rouge::Formatters namespace, allowing arbitrary classes to be instantiated. This could potentially enable a remote attacker...

CVSS 9.8, AI score 7.4, EPSS 0.07509
Exploits: 1, References: 43
Tenable Nessus
added 2020/09/30 12:0 a.m., 32 views

Ubuntu 20.04 LTS : kramdown vulnerability (USN-4562-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4562-1 advisory. It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary...

CVSS 9.8, AI score 8.6, EPSS 0.07509
Exploits: 0, References: 2