Search CVE reports


1 – 10 of 10 results


CVE-2023-37463

Medium priority
Needs evaluation

cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. Three polynomial time complexity issues in cmark-gfm may lead to unbounded resource...

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |

CVE-2023-26485

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE...

2 affected packages

cmark, cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-24824

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service. This CVE...

2 affected packages

cmark, cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-22486

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a polynomial time complexity issue in handle_close_bracket that may lead to unbounded...

2 affected packages

cmark, cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-22485

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the `validate_protocol` function....

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-22484

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that may lead to unbounded resource...

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2023-22483

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded...

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2022-39209

Medium priority
Needs evaluation

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded...

1 affected package

cmark-gfm

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |

CVE-2022-24724

Medium priority
Needs evaluation

cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing `table.c:row_from_string` may lead to...

1 affected package

cmark-gfm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cmark-gfm Needs evaluation Needs evaluation Needs evaluation Ignored

CVE-2020-5238

Low priority
Needs evaluation

The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a...

5 affected packages

cmark-gfm, haskell-cmark-gfm, python-cmarkgfm, r-cran-commonmark, ruby-commonmarker

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
| --- | --- | --- | --- | --- | --- |
| cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| haskell-cmark-gfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| python-cmarkgfm | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| r-cran-commonmark | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| ruby-commonmarker | Not affected | Not affected | Needs evaluation | Not in release | Not in release |