CVE-2018-11504
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-11504
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11504.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-11504
- Downstream
- Related
- Published
- 2018-05-26T21:29:00.347Z
- Modified
- 2025-11-20T10:45:53.859365Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.
- References
Affected packages
Git / github.com/orc/discount
Affected ranges
- Type
- GIT
- Repo
- https://github.com/orc/discount
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
2.*
2.2.1
Other
=a
aa
v0.*
v0.1
v0.2
v0.3
v0.4
v0.6
v0.7
v0.7.5
v0.8
v0.8.1
v0.8.2
v0.9
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.7
v1.*
v1.0.0
v1.1.0
v1.1.1
v1.1.2
v1.1.2a
v1.1.3
v1.1.4
v1.1.5
v1.2.0
v1.2.1
v1.2.10
v1.2.2
v1.2.3
v1.2.4
v1.2.5
v1.2.6
v1.2.7
v1.2.8
v1.2.9
v1.3.0
v1.3.0pre1
v1.3.0pre2
v1.3.0pre3
v1.3.0pre4
v1.3.1
v1.3.2
v1.3.3
v1.3.4
v1.3.5
v1.3.6
v1.4.0
v1.4.1
v1.4.1pre0
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.5
v1.5.1
v1.5.2
v1.5.3
v1.5.4
v1.5.5
v1.5.6
v1.5.7
v1.5.8
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.6.8
v2.*
v2.0
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.4beta1
v2.0.4beta2
v2.0.4beta3
v2.0.4beta4
v2.0.4beta5
v2.0.5
v2.0.6
v2.0.7
v2.0.8
v2.0.9
v2.1.0
v2.1.1
v2.1.1.1
v2.1.1.2
v2.1.1.3
v2.1.2
v2.1.3
v2.1.5
v2.1.5a
v2.1.6
v2.1.7
v2.1.8
v2.1.8a
v2.2.0
v2.2.1
v2.2.2
v2.2.3
v2.2.3a
v2.2.3b6
v2.2.3b7
v2.2.3b8