VulnerableCode Package Details - pkg:gem/commonmarker@0.23.8

Search for packages

Vulnerability	Summary	Fixed by
VCID-76q8-unpg-ryas Aliases: GHSA-48wp-p9qv-4j64 GMS-2023-1110	Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service ## Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: * CVE-2023-24824 * CVE-2023-26485 For more information, consult the release notes for versions 0.23.0.gfm.10 and 0.23.0.gfm.11. ## Mitigation Users are advised to upgrade to commonmarker version 0.23.9	0.23.9 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.0.0.pre Affected by 0 other vulnerabilities.
VCID-tfng-ynpw-cqa6 Aliases: GHSA-7vh7-fw88-wj87 GMS-2023-1914	Several quadratic complexity bugs may lead to denial of service in Commonmarker ## Impact Several quadratic complexity bugs in commonmarker's underlying [`cmark-gfm`](https://github.com/github/cmark-gfm) library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: * [CVE-2023-37463](https://github.com/github/cmark-gfm/security/advisories/GHSA-w4qg-3vf7-m9x5) For more information, consult the release notes for version [`0.29.0.gfm.12`](https://github.com/github/cmark-gfm/releases/tag/0.29.0.gfm.12). ## Mitigation Users are advised to upgrade to commonmarker version [`0.23.10`](https://rubygems.org/gems/commonmarker/versions/0.23.10).	0.23.10 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-76q8-unpg-ryas
Aliases:
GHSA-48wp-p9qv-4j64
GMS-2023-1110

Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service ## Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: * CVE-2023-24824 * CVE-2023-26485 For more information, consult the release notes for versions 0.23.0.gfm.10 and 0.23.0.gfm.11. ## Mitigation Users are advised to upgrade to commonmarker version 0.23.9

0.23.9
Affected by 1 other vulnerability.

1.0.0.pre
Affected by 0 other vulnerabilities.

VCID-tfng-ynpw-cqa6
Aliases:
GHSA-7vh7-fw88-wj87
GMS-2023-1914

Several quadratic complexity bugs may lead to denial of service in Commonmarker ## Impact Several quadratic complexity bugs in commonmarker's underlying [`cmark-gfm`](https://github.com/github/cmark-gfm) library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: * [CVE-2023-37463](https://github.com/github/cmark-gfm/security/advisories/GHSA-w4qg-3vf7-m9x5) For more information, consult the release notes for version [`0.29.0.gfm.12`](https://github.com/github/cmark-gfm/releases/tag/0.29.0.gfm.12). ## Mitigation Users are advised to upgrade to commonmarker version [`0.23.10`](https://rubygems.org/gems/commonmarker/versions/0.23.10).

0.23.10
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T09:23:39.699443+00:00	Ruby Importer	Affected by	VCID-tfng-ynpw-cqa6	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/commonmarker/GHSA-7vh7-fw88-wj87.yml	38.6.0
2026-06-12T19:02:40.139238+00:00	GitLab Importer	Affected by	VCID-tfng-ynpw-cqa6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/commonmarker/GMS-2023-1914.yml	38.6.0
2026-06-12T18:51:50.576865+00:00	GitLab Importer	Affected by	VCID-76q8-unpg-ryas	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/commonmarker/GMS-2023-1110.yml	38.6.0