124 matches found
CVE-2023-26485 Quadratic complexity may lead to a denial of service in cmark-gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...
CVE-2023-26485
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...
LiquidityPool.executePerpOrders(): dangerous payable function
Lines of code Vulnerability details Impact The contract LiquidityPool use a dangerous payable function executePerpOrders In this function, users can send ETH mistakenly. We should check the msg.value is 0 or not to void this issue. Proof of Concept function executePerpOrdersbytes calldata...
SUSE CVE-2015-1788
The BNGF2mmodinv function in crypto/bn/bngf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a...
SUSE CVE-2023-22483
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. Various commands,...
Regular Expression Denial Of Service (ReDoS)
sideway/formula is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists in index.js due to regular expression complexity which allows attacker to provide crafted strings to the formula's parser that might lead to polynomial execution time causing an application crash...
GHSA-C2JC-4FPR-4VHG @sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability
Impact User-provided strings to formula's parser might lead to polynomial execution time. Patches Users should upgrade to 3.0.1+. Workarounds None...
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability
Impact User-provided strings to formula's parser might lead to polynomial execution time. Patches Users should upgrade to 3.0.1+. Workarounds None...
Design/Logic Flaw
formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability...
Denial Of Service (DoS)
libcmark-gfm.so is vulnerable to Denial of Service DoS attacks. A malicious user is able to pass various commands with very large values through inlines.c, causing the running time to increase quadratically due to polynomial time complexity issues, resulting in an application crash...
Denial Of Service (DoS)
libcmark-gfm.so is vulnerable to Denial of Service DoS attacks. A malicious user is able to pass various commands with very large values through the handlepointybrace function causing the running time to increase quadratically due to polynomial time complexity issues, resulting in an application...
Denial Of Service (DoS)
libcmark-gfm.so is vulnerable to Denial of Service DoS attacks. A malicious user is able to pass various commands with very large values causing the running time to increase quadratically due to polynomial time complexity issues, resulting in an application crash...
DEBIAN-CVE-2023-22486
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...
CVE-2023-22486
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a polynomial time complexity issue that may lead to unbounded resource exhaustion. PoC python3 -c 'print"/" + "!--" 10000' | cmark-gfm Details Denial of Service DoS describes a family of attacks, all aimed a...
CVE-2023-22486 cmark-gfm Quadratic complexity bug in handle_close_bracket may lead to a denial of service
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...
CVE-2023-22486
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...
CVE-2023-22486
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...
CVE-2023-22483
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. Various commands,...
UBUNTU-CVE-2023-22484
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...