Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-48wp-p9qv-4j64: Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service

Impact

Several quadratic complexity bugs in commonmarker’s underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service.

The following vulnerabilities were addressed:

For more information, consult the release notes for version 0.23.0.gfm.10 and 0.23.0.gfm.11.

Mitigation

Users are advised to upgrade to commonmarker version 0.23.9.

ghsa
#vulnerability#dos#git#ruby

Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service

Moderate severity GitHub Reviewed Published Apr 11, 2023 in gjtorikian/commonmarker • Updated Apr 11, 2023

ghsa: Latest News

GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission