CVE Vulnerabilities

CVE-2023-26302

Published: Feb 22, 2023 | Modified: Nov 07, 2023
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
5.5 MODERATE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input.

Affected Software

Name Vendor Start Version End Version
Markdown-it-py Executablebooks * 2.2.0 (excluding)
Markdown-it-py Ubuntu devel *
Markdown-it-py Ubuntu kinetic *
Markdown-it-py Ubuntu lunar *
Markdown-it-py Ubuntu mantic *
Markdown-it-py Ubuntu noble *
Markdown-it-py Ubuntu oracular *
Markdown-it-py Ubuntu trusty *
Markdown-it-py Ubuntu upstream *
Markdown-it-py Ubuntu xenial *

References