7 matches found
CVE-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
Duplicate Advisory: Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-fmx4-26r3-wxpf. This link is maintained to preserve external references. Original Description CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result...
DEBIAN-CVE-2024-22051
CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker...
Integer overflow
CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker...
CVE-2024-22051 CommonMarker Integer Overflow Vulnerability
CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker...
CVE-2024-22051
CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker...
Remote Code Execution
commonmarker is vulnerable to remote code execution. cmark-gfm may cause heap memory corruption when parsing tables who's marker rows contain more than UINT16MAX columns. The vulnerability allows remote authenticated attackers to inject and execute malicious code on the system...