| id: GO-2023-2074 |
| modules: |
| - module: github.com/gomarkdown/markdown |
| versions: |
| - fixed: 0.0.0-20230922105210-14b16010c2ee |
| vulnerable_at: 0.0.0-20230916125811-7478c230c7cd |
| packages: |
| - package: github.com/gomarkdown/markdown/parser |
| symbols: |
| - Parser.isPrefixHeading |
| - citation |
| derived_symbols: |
| - Parser.Block |
| - Parser.Inline |
| - Parser.Parse |
| summary: |- |
| Parser out-of-bounds read caused by a malformed markdown input in |
| github.com/gomarkdown/markdown |
| cves: |
| - CVE-2023-42821 |
| ghsas: |
| - GHSA-m9xq-6h2j-65r2 |
| references: |
| - advisory: https://github.com/gomarkdown/markdown/security/advisories/GHSA-m9xq-6h2j-65r2 |
| - fix: https://github.com/gomarkdown/markdown/commit/14b16010c2ee7ff33a940a541d993bd043a88940 |
| review_status: REVIEWED |