RUSTSEC-2021-0074 Incorrect handling of embedded SVG and MathML leads to mutation XSS
Affected versions of this crate did not account for namespace-related parsing differences between HTML, SVG, and MathML. Even if the svg and math elements are not allowed, the underlying HTML parser still treats them differently. Running cleanup without accounting for these differing namespaces...
Regular Expression Denial Of Service (ReDoS)
marked is vulnerable to regular expression denial of service (DoS). The attack is possible because it does not use efficient link tags in its regular expression, thereby leading to high CPU usage if an attacker parses an input link with nested parentheses containing a large number of link tokens to t...
DEBIAN-CVE-2018-12035
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out-of-bounds write vulnerability in yr_execute_code in libyara/exec.c...
XML injection vulnerability hazard warning - vulnerability warning - the black bar safety net
Vulnerability description: Extensible Markup Language (XML) is a markup language for marking up electronic files so that they have structure. It can be used to tag data and define data types, and allows users to define their own markup language for the definition of the source...