Search CVE reports


1 – 10 of 10 results


CVE-2023-37463

Medium priority
Needs evaluation

cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. Three polynomial time complexity issues in cmark-gfm may lead to unbounded resource...

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |

CVE-2023-26485

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE...

2 affected packages

cmark, cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-24824

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE...

2 affected packages

cmark, cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-22486

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handle_close_bracket that may lead to unbounded...

2 affected packages

cmark, cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-22485

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the `validate_protocol` function....

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-22484

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that may lead to unbounded resource...

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-22483

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded...

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2022-39209

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded...

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2022-24724

Medium priority
Needs evaluation

cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing `table.c:row_from_string` may lead to...

1 affected package

cmark-gfm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cmark-gfm Needs evaluation Needs evaluation Needs evaluation Ignored

CVE-2020-5238

Low priority
Needs evaluation

The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a...

5 affected packages

cmark-gfm, haskell-cmark-gfm, python-cmarkgfm, r-cran-commonmark, ruby-commonmarker

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| haskell-cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| python-cmarkgfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| r-cran-commonmark | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| ruby-commonmarker | Not affected | Not affected | Needs evaluation | Not in release | Not in release |