Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Discount has an Out-of-bounds Read in rdiscount
Vulnerability Description
Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INT_MAX are truncated to a signed int before entering the native parser, allowing the parser to read past the end of the supplied buffer and crash the process. This vulnerability is fixed in 2.2.7.4.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
discount 缓冲区错误漏洞
Vulnerability Description
discount是Orc个人开发者的一个Markdown语言解析与转换工具。 Discount 1.3.1.1至2.2.7.4之前版本存在缓冲区错误漏洞,该漏洞源于有符号长度截断错误,可能导致越界读取和进程崩溃。
CVSS Information
N/A
Vulnerability Type
N/A