Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Integer overflow in table parsing extension leads to heap memory corruption
Vulnerability Description
cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing `table.c:row_from_string` may lead to heap memory corruption when parsing tables who's marker rows contain more than UINT16_MAX columns. The impact of this heap corruption ranges from Information Leak to Arbitrary Code Execution depending on how and where `cmark-gfm` is used. If `cmark-gfm` is used for rendering remote user controlled markdown, this vulnerability may lead to Remote Code Execution (RCE) in applications employing affected versions of the `cmark-gfm` library. This vulnerability has been patched in the following cmark-gfm versions 0.29.0.gfm.3 and 0.28.3.gfm.21. A workaround is available. The vulnerability exists in the table markdown extensions of cmark-gfm. Disabling the table extension will prevent this vulnerability from being triggered.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
cmark-gfm 输入验证错误漏洞
Vulnerability Description
cmark-gfm是CommonMark的 C 参考实现的扩展版本,是带有规范的 Markdown 语法的合理化版本。 cmark-gfm 存在输入验证错误漏洞,该漏洞可能会导致使用受影响的 cmark-gfm 库版本的应用程序中的远程代码执行 (RCE)。
CVSS Information
N/A
Vulnerability Type
N/A