Search for packages
| purl | pkg:gem/commonmarker@0.23.7.pre1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9q5d-95ws-2uhh
Aliases: GHSA-7vh7-fw88-wj87 GMS-2023-1914 |
Several quadratic complexity bugs may lead to denial of service in Commonmarker ## Impact Several quadratic complexity bugs in commonmarker's underlying [`cmark-gfm`](https://github.com/github/cmark-gfm) library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: * [CVE-2023-37463](https://github.com/github/cmark-gfm/security/advisories/GHSA-w4qg-3vf7-m9x5) For more information, consult the release notes for version [`0.29.0.gfm.12`](https://github.com/github/cmark-gfm/releases/tag/0.29.0.gfm.12). ## Mitigation Users are advised to upgrade to commonmarker version [`0.23.10`](https://rubygems.org/gems/commonmarker/versions/0.23.10). |
Affected by 0 other vulnerabilities. |
|
VCID-mypd-qfsc-53g3
Aliases: GHSA-48wp-p9qv-4j64 GMS-2023-1110 |
Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-ryey-1gks-fydw
Aliases: GHSA-636f-xm5j-pj9m GMS-2023-123 |
Several quadratic complexity bugs may lead to denial of service in Commonmarker ## Impact Several quadratic complexity bugs in commonmarker's underlying [`cmark-gfm`](https://github.com/github/cmark-gfm) library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: * [CVE-2023-22483](https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c) * [CVE-2023-22484](https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r) * [CVE-2023-22485](https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr) * [CVE-2023-22486](https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p) For more information, consult the release notes for version [`0.23.0.gfm.7`](https://github.com/github/cmark-gfm/releases/tag/0.29.0.gfm.7). ## Mitigation Users are advised to upgrade to commonmarker version [`0.23.7`](https://rubygems.org/gems/commonmarker/versions/0.23.7). |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T04:01:10.269568+00:00 | GitLab Importer | Affected by | VCID-9q5d-95ws-2uhh | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/commonmarker/GMS-2023-1914.yml | 38.6.0 |
| 2026-06-06T03:39:36.491329+00:00 | GitLab Importer | Affected by | VCID-mypd-qfsc-53g3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/commonmarker/GMS-2023-1110.yml | 38.6.0 |
| 2026-06-06T03:24:59.150969+00:00 | GitLab Importer | Affected by | VCID-ryey-1gks-fydw | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/commonmarker/GMS-2023-123.yml | 38.6.0 |
| 2026-06-04T18:14:19.639640+00:00 | Ruby Importer | Affected by | VCID-9q5d-95ws-2uhh | https://github.com/rubysec/ruby-advisory-db/blob/master/gems/commonmarker/GHSA-7vh7-fw88-wj87.yml | 38.6.0 |
| 2026-06-04T18:14:00.099473+00:00 | Ruby Importer | Affected by | VCID-ryey-1gks-fydw | https://github.com/rubysec/ruby-advisory-db/blob/master/gems/commonmarker/GHSA-636f-xm5j-pj9m.yml | 38.6.0 |