CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-22485 – cmark-gfm out-of-bounds read in validate_protocol
https://notcve.org/view.php?id=CVE-2023-22485
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the `validate_protocol` function. We believe this bug is harmless in practice, because the out-of-bounds read accesses `malloc` metadata without causing any visible damage.This vulnerability has been patched in 0.29.0.gfm.7. cmmark-gfm es la bifurcación de GitHub de cmark, una librería y programa de análisis y representación de CommonMark en C. En versiones anteriores a la 0.29.0.gfm.7, un documento de rebajas manipulado puede desencadenar una lectura fuera de los límites en la función `validate_protocol` . Creemos que este error es inofensivo en la práctica, porque la lectura fuera de los límites accede a los metadatos "malloc" sin causar ningún daño visible. • https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr • CWE-91: XML Injection (aka Blind XPath Injection) CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-22484 – Inefficient Quadratic complexity bug in handle_pointy_brace may lead to a denial of service
https://notcve.org/view.php?id=CVE-2023-22484
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has been patched in 0.29.0.gfm.7. cmark-gfm es la bifurcación de GitHub de cmark, una librería y programa de análisis y representación de CommonMark en C. Las versiones anteriores a 0.29.0.gfm.7 están sujetas a un problema de complejidad de tiempo polinómico en cmark-gfm que puede provocar un agotamiento ilimitado de los recursos y posterior denegación del servicio. Esta vulnerabilidad ha sido parcheada en 0.29.0.gfm.7. • https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-22483 – cmark-gfm Quadratic complexity bugs may lead to a denial of service
https://notcve.org/view.php?id=CVE-2023-22483
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to several polynomial time complexity issues in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. Various commands, when piped to cmark-gfm with large values, cause the running time to increase quadratically. These vulnerabilities have been patched in version 0.29.0.gfm.7. cmark-gfm es la bifurcación de GitHub de cmark, una librería y programa de análisis y representación de CommonMark en C. Las versiones anteriores a 0.29.0.gfm.7 están sujetas a varios problemas de complejidad de tiempo polinomial en cmark-gfm que pueden provocar un agotamiento ilimitado de los recursos y posterior denegación del servicio. • https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-39209 – Uncontrolled Resource Consumption in cmark-gfm
https://notcve.org/view.php?id=CVE-2022-39209
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the patch by running `python3 -c 'print("![l"* 100000 + "\n")' | ./cmark-gfm -e autolink`, which will resource exhaust on unpatched cmark-gfm but render correctly on patched cmark-gfm. • https://en.wikipedia.org/wiki/Time_complexity https://github.com/github/cmark-gfm/commit/9d57d8a23142b316282bdfc954cb0ecda40a8655 https://github.com/github/cmark-gfm/security/advisories/GHSA-cgh3-p57x-9q7q https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIUCZN3PEKUCT2JQYQTYOVIJG2KSD6G7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMGP65NANDVKPDMXMKYO2ZV2H2HZJY4P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/mess • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •
CVSS: 9.8EPSS: 8%CPEs: 5EXPL: 1CVE-2022-24724 – Integer overflow in table parsing extension leads to heap memory corruption
https://notcve.org/view.php?id=CVE-2022-24724
cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing `table.c:row_from_string` may lead to heap memory corruption when parsing tables who's marker rows contain more than UINT16_MAX columns. The impact of this heap corruption ranges from Information Leak to Arbitrary Code Execution depending on how and where `cmark-gfm` is used. If `cmark-gfm` is used for rendering remote user controlled markdown, this vulnerability may lead to Remote Code Execution (RCE) in applications employing affected versions of the `cmark-gfm` library. This vulnerability has been patched in the following cmark-gfm versions 0.29.0.gfm.3 and 0.28.3.gfm.21. • http://packetstormsecurity.com/files/166599/cmark-gfm-Integer-overflow.html https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5CYUU662VO6CCXQKVZVOHXX3RGIF2DLQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7V3HAM5H6YFJG2QFEXACZR3XVWFTXTC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KH4UQA6VWVZU5EW3HNEAB7D7BTCNJSJ2 https://lists.fedorapro • CWE-190: Integer Overflow or Wraparound •