CVE-2021-30027

Sažetak

md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory, and cause a denial of service via a malformed Markdown document.

Reference

https://github.com/mity/md4c/commit/4fc808d8fe8d8904f8525bb4231d854f45e23a19
https://github.com/mity/md4c/issues/155

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

09-05-2021 - 01:25

Objavljeno

29-04-2021 - 15:15