blob: 0cf4f60b45e75d4a908a35195f89d7789b738832 [file] [log] [blame]
id: GO-2023-2074
modules:
- module: github.com/gomarkdown/markdown
versions:
- fixed: 0.0.0-20230922105210-14b16010c2ee
vulnerable_at: 0.0.0-20230916125811-7478c230c7cd
packages:
- package: github.com/gomarkdown/markdown/parser
symbols:
- Parser.isPrefixHeading
- citation
derived_symbols:
- Parser.Block
- Parser.Inline
- Parser.Parse
summary: |-
Parser out-of-bounds read caused by a malformed markdown input in
github.com/gomarkdown/markdown
cves:
- CVE-2023-42821
ghsas:
- GHSA-m9xq-6h2j-65r2
references:
- advisory: https://github.com/gomarkdown/markdown/security/advisories/GHSA-m9xq-6h2j-65r2
- fix: https://github.com/gomarkdown/markdown/commit/14b16010c2ee7ff33a940a541d993bd043a88940
review_status: REVIEWED