2 matches found
Remote Code Execution (RCE)
cmark-gfm is vulnerable to remote code execution. The vulnerability exists due to an integer overflow in cmark-gfm's table row parsing table.c:rowfromstring...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in table-row parsing, when parsing marker rows that contain more than UINT16MAX columns. Note If affected versions are used for rendering remote user-controlled markdown, this vulnerability may lead to...