Date: Mon, 29 Jun 2015 12:52:13 -0400 From: Giancarlo Canales <gcanalesb@...com> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Cc: "cve-assign@...re.org" <cve-assign@...re.org> Subject: CVE request: Stack overflow in redcarpet's header_anchor After examining the redcarpet source code, I noticed that header_anchor uses variable length arrays (VLA) without any range checking. This is conducive to a stack overflow, followed by the potential for arbitrary code execution. Redcarpet is a Markdown parser library. I'm requesting a CVE number for this vulnerability. Title: Stack overflow in redcarpet's header_anchor Products: redcarpet Affects: v3.3.0 - v3.3.1 Type: Stack overflow First CVE request: Yes Fixed: Yes, v3.3.2 Fix: https://github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fb Changelog: https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md Thanks, Giancarlo Canales Barreto
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.