Your submission was sent successfully! Close

CVE-2018-11468

Published: 25 May 2018

The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
discount
Launchpad, Ubuntu, Debian
bionic Needed

cosmic Not vulnerable
(2.2.4-1)
disco Not vulnerable
(2.2.4-1)
eoan Not vulnerable
(2.2.4-1)
focal Not vulnerable
(2.2.4-1)
groovy Not vulnerable
(2.2.4-1)
hirsute Not vulnerable
(2.2.4-1)
impish Not vulnerable
(2.2.4-1)
jammy Not vulnerable
(2.2.4-1)
precise Does not exist

trusty Does not exist
(trusty was released [2.1.7-1+deb8u1build0.14.04.1])
upstream
Released (2.1.7-1+deb8u1, 2.2.2-1+deb9u1, 2.2.4-1)
xenial Ignored
(end of standard support, was needed)