Macdown Project CVE

Filtered by vendor Macdown Project Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-12173	1 Macdown Project	1 Macdown	2020-08-24	6.8 MEDIUM	8.8 HIGH
MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.
CVE-2019-12138	1 Macdown Project	1 Macdown	2019-05-16	4.6 MEDIUM	7.8 HIGH
MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note.

Vulnerabilities (CVE)