The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
github flavored markdown project github flavored markdown |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |