Arbitrary Code Execution Affecting redcarpet package, versions < 3.3.2, >= 3.3.0


Severity

Recommended
0.0
high
0
10

CVSS assessment by Snyk's Security Team. Learn more

Threat Intelligence

EPSS
2.54% (83rd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-RUBY-REDCARPET-20231
  • published21 Jun 2015
  • disclosed21 Jun 2015
  • creditGiancarlo Canales Barreto

Introduced: 21 Jun 2015

CVE-2015-5147  (opens in a new tab)
CWE-94  (opens in a new tab)

Overview

redcarpet is a fast, safe and extensible Markdown to (X)HTML parser.

Vulnerable versions of redcarpet Ruby contain a flaw that allows Arbitrary code execution via stack overflow.

Details

This flaw exists because the header_anchor() function in html.c uses variable length arrays (VLA) without any range checking. This may allow a remote attacker to execute arbitrary code.

CVSS Base Scores

version 3.1