Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2025/05/23 3:31 p.m.10 views

Marked allows Regular Expression Denial of Service (ReDoS) attacks

Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service ReDoS attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown...

7.5CVSS6.5AI score0.00493EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2024/12/15 12:0 a.m.25 views

CVE-2024-56082

ChatBar.tsx in Lumos before 1.0.17 parses raw HTML in Markdown because the markdown-to-jsx package is used without disableParsingRawHTML set to true...

0.00407EPSS
Exploits0References3
NVD
NVD
added 2024/10/15 8:15 p.m.62 views

CVE-2024-44337

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion v0.0.0-20240729232818-a2a9c4f, which corresponds with commit a2a9c4f76ef5a5c32108e36f7c47f8d310322252, there was a logical problem in the paragraph function of the...

5.1CVSS0.00501EPSS
Exploits1References2
OSV
OSV
added 2024/10/15 8:15 p.m.18 views

CVE-2024-44337

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion v0.0.0-20240729232818-a2a9c4f, which corresponds with commit a2a9c4f76ef5a5c32108e36f7c47f8d310322252, there was a logical problem in the paragraph function of the...

5.1CVSS6.3AI score0.00501EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2024/10/15 1:44 p.m.557 views

Exploit for CVE-2024-44337

CVE-2024-44337 CVE-2024-44337 POC The package github.com/gom...

5.1CVSS6.8AI score0.00501EPSS
Exploits1
NVD
NVD
added 2023/09/22 5:15 p.m.19 views

CVE-2023-42821

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion 0.0.0-20230922105210-14b16010c2ee, which corresponds with commit 14b16010c2ee7ff33a940a541d993bd043a88940, parsing malformed markdown input with parser that uses...

7.5CVSS7.3AI score0.01042EPSS
Exploits1References3
Rows per page
Query Builder