Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses

Filter by:

With package: rubyPackages_3_2.commonmarker

Found 1 matching suggestions

Untriaged

Permalink CVE-2024-22051

created 5 months, 3 weeks ago

CommonMarker Integer Overflow Vulnerability

CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns.

References

https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf vendor-advisory
https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 patch
https://github.com/advisories/GHSA-fmx4-26r3-wxpf third-party-advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf third-party-advisory
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x related
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x related
https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf vendor-advisory
https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 patch
https://github.com/advisories/GHSA-fmx4-26r3-wxpf third-party-advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf third-party-advisory
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x x_transferred related
https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf vendor-advisory x_transferred
https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 x_transferred patch
https://github.com/advisories/GHSA-fmx4-26r3-wxpf third-party-advisory x_transferred
https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf third-party-advisory x_transferred
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x related
https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf vendor-advisory
https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 patch
https://github.com/advisories/GHSA-fmx4-26r3-wxpf third-party-advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf third-party-advisory
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x x_transferred related
https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf vendor-advisory x_transferred
https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 x_transferred patch
https://github.com/advisories/GHSA-fmx4-26r3-wxpf third-party-advisory x_transferred
https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf third-party-advisory x_transferred
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x related
https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf vendor-advisory
https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 patch
https://github.com/advisories/GHSA-fmx4-26r3-wxpf third-party-advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf third-party-advisory
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x x_transferred related
https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf vendor-advisory x_transferred
https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 x_transferred patch
https://github.com/advisories/GHSA-fmx4-26r3-wxpf third-party-advisory x_transferred
https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf third-party-advisory x_transferred

Affected products

commonmarker

<0.23.4

Matching in nixpkgs

pkgs.rubyPackages.commonmarker

None

nixos-unstable -
- nixpkgs-unstable 0.17.13

pkgs.rubyPackages_3_1.commonmarker

None

nixos-unstable -
- nixpkgs-unstable 0.17.13

pkgs.rubyPackages_3_2.commonmarker

None

nixos-unstable -
- nixpkgs-unstable 0.17.13

pkgs.rubyPackages_3_3.commonmarker

None

nixos-unstable -
- nixpkgs-unstable 0.17.13

pkgs.rubyPackages_3_4.commonmarker

None

nixos-unstable -
- nixpkgs-unstable 0.17.13

1