2 matches found
PT-2023-33076 · Comrak +1 · Comrak +1
Name of the Vulnerable Software and Affected Versions: comrak versions prior to 0.17.0 Description: The issue is related to an overly large response triggered by a large number of references in a markdown document. This is due to an upstream cmark issue. Recommendations: For versions prior to...
Denial of Service (DoS)
Overview xlsx is a Parser and writer for various spreadsheet formats. Affected versions of this package are vulnerable to Denial of Service DoS. An attacker who can send a malicious excel file parsed by this library can cause maximum CPU usage. Note: xlsx package after version 0.18.5 is distribut...