CVE-2018-12495

Опубликовано: 15 июн. 2018

Источник: debian

Описание

The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
discount	fixed	2.2.4-1		package

Примечания

https://github.com/Orc/discount/issues/189#issuecomment-397541501
Fixed by https://github.com/Orc/discount/commit/b002a5a4db31e42dfb45451c059bc56941c17974

Связанные уязвимости

CVE-2018-12495

CVSS3: 5.5

ubuntu

больше 7 лет назад

The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

CVE-2018-12495

CVSS3: 4.4

redhat

больше 7 лет назад

The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

CVE-2018-12495

CVSS3: 5.5

nvd

больше 7 лет назад

The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

GHSA-mvx5-vrw8-j3pj

CVSS3: 5.5

github

больше 3 лет назад

The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

openSUSE-SU-2019:0019-1

suse-cvrf

почти 7 лет назад

Security update for discount