2 matches found
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' through the Web Launcher Management Plane component in the POST /api/gateway/restart endpoint. An attacker can execute arbitrary commands b...
HSEC-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser
cmark-gfm: resource exhaustion due to quadratic complexity in parser cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service, due to...