Lucene search
K

124 matches found

Cvelist
Cvelist
added 2023/03/31 10:1 p.m.39 views

CVE-2023-26485 Quadratic complexity may lead to a denial of service in cmark-gfm

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...

5.3CVSS8AI score0.01029EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/03/31 10:1 p.m.24 views

CVE-2023-26485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE covers quadratic complexity issues when parsing text which leads...

7.5CVSS7.7AI score0.01029EPSS
Exploits1
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.11 views

LiquidityPool.executePerpOrders(): dangerous payable function

Lines of code Vulnerability details Impact The contract LiquidityPool use a dangerous payable function executePerpOrders In this function, users can send ETH mistakenly. We should check the msg.value is 0 or not to void this issue. Proof of Concept function executePerpOrdersbytes calldata...

6.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.2 views

SUSE CVE-2015-1788

The BNGF2mmodinv function in crypto/bn/bngf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a...

4.3CVSS8.4AI score0.23222EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.3 views

SUSE CVE-2023-22483

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. Various commands,...

7.5CVSS6.9AI score0.01073EPSS
Exploits1References3
Veracode
Veracode
added 2023/02/14 7:21 a.m.29 views

Regular Expression Denial Of Service (ReDoS)

sideway/formula is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists in index.js due to regular expression complexity which allows attacker to provide crafted strings to the formula's parser that might lead to polynomial execution time causing an application crash...

6.5CVSS6.3AI score0.00611EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/02/08 10:38 p.m.43 views

GHSA-C2JC-4FPR-4VHG @sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability

Impact User-provided strings to formula's parser might lead to polynomial execution time. Patches Users should upgrade to 3.0.1+. Workarounds None...

5.5CVSS6AI score0.00611EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/02/08 10:38 p.m.56 views

@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability

Impact User-provided strings to formula's parser might lead to polynomial execution time. Patches Users should upgrade to 3.0.1+. Workarounds None...

6.5CVSS6.4AI score0.00611EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2023/02/08 8:15 p.m.25 views

Design/Logic Flaw

formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability...

4CVSS6.4AI score0.00611EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2023/02/02 6:11 a.m.16 views

Denial Of Service (DoS)

libcmark-gfm.so is vulnerable to Denial of Service DoS attacks. A malicious user is able to pass various commands with very large values through inlines.c, causing the running time to increase quadratically due to polynomial time complexity issues, resulting in an application crash...

7.5CVSS7.3AI score0.01108EPSS
Exploits1References3Affected Software4
Veracode
Veracode
added 2023/01/27 5:16 a.m.21 views

Denial Of Service (DoS)

libcmark-gfm.so is vulnerable to Denial of Service DoS attacks. A malicious user is able to pass various commands with very large values through the handlepointybrace function causing the running time to increase quadratically due to polynomial time complexity issues, resulting in an application...

7.5CVSS7.3AI score0.00956EPSS
Exploits1References2Affected Software3
Veracode
Veracode
added 2023/01/27 5:10 a.m.23 views

Denial Of Service (DoS)

libcmark-gfm.so is vulnerable to Denial of Service DoS attacks. A malicious user is able to pass various commands with very large values causing the running time to increase quadratically due to polynomial time complexity issues, resulting in an application crash...

7.5CVSS7.3AI score0.01073EPSS
Exploits1References2Affected Software3
OSV
OSV
added 2023/01/26 9:18 p.m.0 views

DEBIAN-CVE-2023-22486

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...

7.5CVSS7AI score0.01108EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2023/01/26 12:0 a.m.30 views

CVE-2023-22486

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...

7.5CVSS6.9AI score0.01108EPSS
Exploits1References3
Snyk
Snyk
added 2023/01/24 1:17 p.m.5 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a polynomial time complexity issue that may lead to unbounded resource exhaustion. PoC python3 -c 'print"/" + "!--" 10000' | cmark-gfm Details Denial of Service DoS describes a family of attacks, all aimed a...

7.5CVSS6.9AI score0.00956EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/01/24 2:30 a.m.6 views

CVE-2023-22486 cmark-gfm Quadratic complexity bug in handle_close_bracket may lead to a denial of service

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...

3.5CVSS5.7AI score0.01108EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2023/01/24 2:30 a.m.23 views

CVE-2023-22486

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...

7.5CVSS7.3AI score0.01108EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2023/01/24 2:30 a.m.51 views

CVE-2023-22486

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handleclosebracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...

7.5CVSS5.5AI score0.01108EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2023/01/23 11:15 p.m.23 views

CVE-2023-22483

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. Various commands,...

7.5CVSS7AI score0.01073EPSS
Exploits1References3
OSV
OSV
added 2023/01/23 11:15 p.m.2 views

UBUNTU-CVE-2023-22484

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...

7.5CVSS5.7AI score0.00956EPSS
Exploits1References4
Rows per page
Query Builder