Search for packages
| purl | pkg:gem/commonmarker@0.23.9 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9q5d-95ws-2uhh
Aliases: GHSA-7vh7-fw88-wj87 GMS-2023-1914 |
Several quadratic complexity bugs may lead to denial of service in Commonmarker ## Impact Several quadratic complexity bugs in commonmarker's underlying [`cmark-gfm`](https://github.com/github/cmark-gfm) library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: * [CVE-2023-37463](https://github.com/github/cmark-gfm/security/advisories/GHSA-w4qg-3vf7-m9x5) For more information, consult the release notes for version [`0.29.0.gfm.12`](https://github.com/github/cmark-gfm/releases/tag/0.29.0.gfm.12). ## Mitigation Users are advised to upgrade to commonmarker version [`0.23.10`](https://rubygems.org/gems/commonmarker/versions/0.23.10). |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-mypd-qfsc-53g3 | Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. |
GHSA-48wp-p9qv-4j64
GMS-2023-1110 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T18:14:19.645567+00:00 | Ruby Importer | Affected by | VCID-9q5d-95ws-2uhh | https://github.com/rubysec/ruby-advisory-db/blob/master/gems/commonmarker/GHSA-7vh7-fw88-wj87.yml | 38.6.0 |
| 2026-06-04T17:15:24.113226+00:00 | GithubOSV Importer | Fixing | VCID-mypd-qfsc-53g3 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/04/GHSA-48wp-p9qv-4j64/GHSA-48wp-p9qv-4j64.json | 38.6.0 |
| 2026-06-02T04:44:29.046070+00:00 | GitLab Importer | Fixing | VCID-mypd-qfsc-53g3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/commonmarker/GMS-2023-1110.yml | 38.6.0 |