Vulmon
comrak project comrak vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-28631
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in Rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with `parse_document`. This AST can then be converted to HTML via `html::format_document_with_plugins...
Comrak Project Comrak
6.1
CVSSv3
CVE-2021-27671
An issue exists in the comrak crate prior to 0.9.1 for Rust. XSS can occur because the protection mechanism for data: and javascript: URIs is case-sensitive, allowing (for example) Data: to be used in an attack.
Comrak Project Comrak
7.5
CVSSv3
CVE-2023-28626
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in Rust. A range of quadratic parsing issues are present in Comrak. These can be used to craft denial-of-service attacks on services that use Comrak to parse Markdown. This issue has been addressed in ve...
Comrak Project Comrak
6.1
CVSSv3
CVE-2021-38186
An issue exists in the comrak crate prior to 0.10.1 for Rust. It mishandles & characters, leading to XSS via &# HTML entities.
Comrak Project Comrak