Lucene search
Veracode Vulnerability DatabaseVERACODE:44963HistoryJan 05, 2024 - 8:01 a.m.
Integer Overflow
2024-01-0508:01:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
commonmarker
integer overflow
vulnerability
remote access
table parsing
heap memory corruption
information leak
arbitrary code execution
commonmarker is vulnerable to Integer Overflow . This vulnerability is due to unauthenticated remote access when parsing tables who’s marker rows contain more than UINT16_MAX columns. This allows the remote attackers to cause heap memory corruption which ranges from Information Leak to Arbitrary Code Execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| commonmarker | le | 0.23.2 | |
| commonmarker | le | 0.23.2 | |
| ruby-commonmarker:sid | eq | 0.21.0-1 |
References
github.com/advisories/GHSA-fmx4-26r3-wxpf
github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3
github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf
vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf
Related
prion
prion
Integer overflow
2024-01-04 21:15:00
cvelist
cvelist
CVE-2024-22051 CommonMarker Integer Overflow Vulnerability
2024-01-04 20:27:22
cve
cve
CVE-2024-22051
2024-01-04 21:15:10
redhatcve
redhatcve
CVE-2024-22051
2024-01-05 01:02:21
debiancve
debiancve
CVE-2024-22051
2024-01-04 21:15:10
github
github
osv
osv
Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption
2022-03-03 20:28:47
CVE-2022-24724
2022-03-03 20:15:07
CVE-2024-22051
2024-01-04 21:15:10
ubuntucve
ubuntucve
CVE-2024-22051
2024-01-04 00:00:00