Search CVE reports
1 – 10 of 10 results
CVE-2023-37463
Medium priority
cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. Three polynomial time complexity issues in cmark-gfm may lead to unbounded resource...
1 affected package
cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
CVE-2023-26485
Medium priority
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE...
2 affected packages
cmark, cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2023-24824
Medium priority
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE...
2 affected packages
cmark, cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2023-22486
Medium priority
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handle_close_bracket that may lead to unbounded...
2 affected packages
cmark, cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2023-22485
Medium priority
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the `validate_protocol` function....
1 affected package
cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2023-22484
Medium priority
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that may lead to unbounded resource...
1 affected package
cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2023-22483
Medium priority
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded...
1 affected package
cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2022-39209
Medium priority
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded...
1 affected package
cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
CVE-2022-24724
Medium priority
cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing `table.c:row_from_string` may lead to...
1 affected package
cmark-gfm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
CVE-2020-5238
Low priority
The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a...
5 affected packages
cmark-gfm, haskell-cmark-gfm, python-cmarkgfm, r-cran-commonmark, ruby-commonmarker
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
haskell-cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
python-cmarkgfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
r-cran-commonmark | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
ruby-commonmarker | Not affected | Not affected | Needs evaluation | Not in release | Not in release |