CVE-2024-22051

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS

Description

CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns.

github/cmark-gfm
github/cmark-gfm
GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C
GitHubGitHub
1.09K
gjtorikian/commonmarker
gjtorikian/commonmarker
Ruby wrapper for the comrak (CommonMark parser) Rust crate
GitHubGitHub
551