Md4c Security Vulnerabilities and Issues — Md4c CVE List

Lucene search

Md4c ProjectMd4c

8 matches found

CVE•added 2018/05/29 9:29 p.m.•39 views

CVE-2018-11545

md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because md_is_link_label mishandles the case of a link label composed solely of backslash escapes.

9.8CVSS9.7AI score0.00459EPSS

CVE•added 2021/04/29 3:15 p.m.•31 views

CVE-2021-30027

md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory, and cause a denial of service via a malformed Markdown document.

5.5CVSS5.3AI score0.00133EPSS

CVE•added 2018/05/29 9:29 p.m.•30 views

CVE-2018-11546

md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error.

9.8CVSS9.5AI score0.00433EPSS

CVE•added 2018/05/29 9:29 p.m.•30 views

CVE-2018-11547

md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination.

9.8CVSS9.5AI score0.00433EPSS

CVE•added 2018/06/11 1:29 p.m.•29 views

CVE-2018-12102

md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block.

5.5CVSS5.4AI score0.00138EPSS

CVE•added 2018/05/29 7:29 a.m.•28 views

CVE-2018-11536

md4c before 0.2.5 has a heap-based buffer overflow because md_split_simple_pairing_mark mishandles splits.

9.8CVSS9.7AI score0.00459EPSS

CVE•added 2020/09/30 6:15 p.m.•28 views

CVE-2020-26148

md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.

7.5CVSS7.3AI score0.00362EPSS

CVE•added 2018/06/11 2:29 p.m.•24 views

CVE-2018-12112

md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.

7.8CVSS8AI score0.00234EPSS