Lucene search
+L
GithubCmark-gfm

7 matches found

cve
cve
added 2023/01/24 2:30 a.m.116 views

CVE-2023-22486

The CVE-2023-22486 issue affects cmark-gfm (GitHub’s fork of cmark). Versions prior to 0.29.0.gfm.7 contain a polynomial-time complexity bug in handle_close_bracket that can lead to unbounded resource exhaustion and denial of service. The vulnerability is explicitly noted as patched in 0.29.0.gfm...

7.5CVSS5.3AI score0.01108EPSS
cve
cve
added 2023/03/31 10:1 p.m.116 views

CVE-2023-26485

CVE-2023-26485 affects cmark-gfm (GitHub’s fork of cmark) and causes a polynomial-time denial-of-service when parsing inputs with very large sequences of underscores, due to a quadratic complexity in parsing. The issue has been addressed in version 0.29.0.gfm.10 ; upgrading to this version (or ap...

7.5CVSS6.6AI score0.01029EPSS
cve
cve
added 2023/07/13 7:22 p.m.94 views

CVE-2023-37463

CVE-2023-37463 affects cmark-gfm (GitHub’s CommonMark extension); three polynomial-time complexity issues may cause unbounded resource exhaustion and DoS. These were patched in version 0.29.0.gfm.12. Upgrade to 0.29.0.gfm.12 or newer to remediate.

7.5CVSS7.1AI score0.00696EPSS
cve
cve
added 2022/09/15 12:0 a.m.93 views

CVE-2022-39209

CVE-2022-39209 concerns cmark-gfm, GitHub’s fork of cmark (C). A polynomial-time complexity issue in the autolink extension during input parsing can cause unbounded resource exhaustion, leading to denial of service. Affected versions are prior to 0.29.0.gfm.6; patched in 0.29.0.gfm.6. Upgrading t...

7.5CVSS6.7AI score0.01702EPSS
cve
cve
added 2023/01/23 10:42 p.m.77 views

CVE-2023-22484

The CVE-2023-22484 issue affects cmark-gfm, GitHub’s fork of the C library cmark. It describes a polynomial-time complexity vulnerability in cmark-gfm that can lead to unbounded resource exhaustion and denial of service on affected versions. According to linked documents, versions prior to 0.29.0...

7.5CVSS5.3AI score0.00956EPSS
cve
cve
added 2023/01/23 10:36 p.m.76 views

CVE-2023-22483

CVE-2023-22483 affects cmark-gfm, GitHub’s fork of the CommonMark C library. The issue is a set of polynomial-time complexity vulnerabilities in cmark-gfm that can cause unbounded resource exhaustion and denial of service when parsing large inputs, affecting versions prior to 0.29.0.gfm.7. Severa...

7.5CVSS6AI score0.01073EPSS
cve
cve
added 2023/03/31 10:1 p.m.68 views

CVE-2023-24824

CVE-2023-24824 affects cmark-gfm (GitHub’s fork of cmark) in C, where quadratic/polynomial parsing complexity can exhaust resources and cause DoS when processing inputs that begin with many ‘>’ or ‘-’. The issue is mitigated by upgrading to upstream 0.29.0.gfm.10; downstream ecosystems (e.g., ...

7.5CVSS6.2AI score0.01027EPSS