CVE-2020-26148

Опубликовано: 30 сент. 2020

Источник: debian

Описание

md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
md4c	fixed	0.4.5-2		package

Примечания

https://github.com/mity/md4c/issues/130
https://github.com/mity/md4c/commit/22ca89a3008966c4316d6b0a158b1a49f9038df0

Связанные уязвимости

CVE-2020-26148

CVSS3: 7.5

ubuntu

больше 5 лет назад

md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.

CVE-2020-26148

CVSS3: 7.5

nvd

больше 5 лет назад

md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.

GHSA-8cq8-p477-7hrv

github

больше 3 лет назад

md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.