cmark-gfm is GitHub’s fork of cmark, a CommonMark parsing and rendering
library and program in C. Versions prior to 0.29.0.gfm.7 contain a
polynomial time complexity issue in handle_close_bracket that may lead to
unbounded resource exhaustion and subsequent denial of service. This
vulnerability has been patched in 0.29.0.gfm.7.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | cmark | < any | UNKNOWN |
ubuntu | 20.04 | noarch | cmark | < any | UNKNOWN |
ubuntu | 22.04 | noarch | cmark | < any | UNKNOWN |
ubuntu | 23.10 | noarch | cmark | < any | UNKNOWN |
ubuntu | 24.04 | noarch | cmark | < any | UNKNOWN |
ubuntu | 20.04 | noarch | cmark-gfm | < any | UNKNOWN |
ubuntu | 22.04 | noarch | cmark-gfm | < any | UNKNOWN |
ubuntu | 23.10 | noarch | cmark-gfm | < any | UNKNOWN |
ubuntu | 24.04 | noarch | cmark-gfm | < any | UNKNOWN |