Cmark-gfm Security Vulnerabilities and Issues — Cmark-gfm CVE List

Lucene search

GithubCmark-gfm

4 matches found

CVE•added 2023/01/26 9:18 p.m.•87 views

CVE-2023-22486

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handle_close_bracket that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has...

7.5CVSS5.3AI score0.00092EPSS

CVE•added 2023/01/23 11:15 p.m.•57 views

CVE-2023-22484

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has bee...

7.5CVSS5.3AI score0.00091EPSS

CVE•added 2023/01/23 11:15 p.m.•54 views

CVE-2023-22483

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. Various commands, w...

7.5CVSS6AI score0.00067EPSS

CVE•added 2023/01/24 1:15 a.m.•53 views

CVE-2023-22485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the validate_protocol function. We believe this bug is harmless in practice, because the out-of-bounds r...

5.3CVSS5.4AI score0.00318EPSS