Vulnerabilities (CVE)

Filtered by vendor Md4c Project Subscribe

Filtered by product Md4c

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-11536	1 Md4c Project	1 Md4c	2020-08-24	7.5 HIGH	9.8 CRITICAL
md4c before 0.2.5 has a heap-based buffer overflow because md_split_simple_pairing_mark mishandles splits.
CVE-2018-11545	1 Md4c Project	1 Md4c	2020-08-24	7.5 HIGH	9.8 CRITICAL
md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because md_is_link_label mishandles the case of a link label composed solely of backslash escapes.
CVE-2018-11546	1 Md4c Project	1 Md4c	2018-06-29	7.5 HIGH	9.8 CRITICAL
md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error.
CVE-2018-11547	1 Md4c Project	1 Md4c	2018-06-29	7.5 HIGH	9.8 CRITICAL
md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination.