漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Inefficient Quadratic complexity bug in handle_pointy_brace may lead to a denial of service
Vulnerability Description
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that may lead to unbounded resource exhaustion and subsequent denial of service. This vulnerability has been patched in 0.29.0.gfm.7.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
cmark-gfm 资源管理错误漏洞
Vulnerability Description
cmark-gfm是CommonMark的 C 参考实现的扩展版本,是带有规范的 Markdown 语法的合理化版本。 cmark-gfm 0.29.0.gfm.7之前版本存在资源管理错误漏洞。攻击者利用该漏洞导致无限资源耗尽和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A