Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
Related vulnerabilities
GSD-2015-5147
Vulnerability from gsd - Updated: 2015-06-22 00:00Details
redcarpet Gem for Ruby contains a flaw that allows a stack overflow.
This flaw exists because the header_anchor() function in html.c uses
variable length arrays (VLA) without any range checking. This may
allow a remote attacker to execute arbitrary code.
Aliases
{
"GSD": {
"alias": "CVE-2015-5147",
"description": "Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.",
"id": "GSD-2015-5147",
"references": [
"https://www.suse.com/security/cve/CVE-2015-5147.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "redcarpet",
"purl": "pkg:gem/redcarpet"
}
}
],
"aliases": [
"CVE-2015-5147",
"OSVDB-123859",
"GHSA-7322-9mx6-5j2m"
],
"details": "redcarpet Gem for Ruby contains a flaw that allows a stack overflow.\nThis flaw exists because the header_anchor() function in html.c uses\nvariable length arrays (VLA) without any range checking. This may\nallow a remote attacker to execute arbitrary code.\n",
"id": "GSD-2015-5147",
"modified": "2015-06-22T00:00:00.000Z",
"published": "2015-06-22T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "http://seclists.org/oss-sec/2015/q2/818"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 7.5,
"type": "CVSS_V2"
}
],
"summary": "redcarpet Gem for Ruby html.c header_anchor() Function Stack Overflow"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md"
},
{
"name": "[oss-security] 20150629 CVE request: Stack overflow in redcarpet\u0027s header_anchor",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/29/3"
},
{
"name": "[oss-security] 20150630 Re: CVE request: Stack overflow in redcarpet\u0027s header_anchor",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/30/10"
},
{
"name": "75508",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75508"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2015-5147",
"cvss_v2": 7.5,
"date": "2015-06-22",
"description": "redcarpet Gem for Ruby contains a flaw that allows a stack overflow.\nThis flaw exists because the header_anchor() function in html.c uses\nvariable length arrays (VLA) without any range checking. This may\nallow a remote attacker to execute arbitrary code.\n",
"gem": "redcarpet",
"ghsa": "7322-9mx6-5j2m",
"osvdb": 123859,
"patched_versions": [
"\u003e= 3.3.2"
],
"title": "redcarpet Gem for Ruby html.c header_anchor() Function Stack Overflow",
"unaffected_versions": [
"\u003c 3.3.0"
],
"url": "http://seclists.org/oss-sec/2015/q2/818"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c3.3.2",
"affected_versions": "All versions before 3.3.2",
"credit": "Giancarlo Canales Barreto",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"cwe_ids": [
"CWE-1035",
"CWE-119",
"CWE-937"
],
"date": "2015-07-14",
"description": "The package redcarpet contains a flaw that allows a stack overflow. This flaw exists because the `header_anchor()` function in `html.c` uses variable length arrays (VLA) without any range checking. This may allow a remote attacker to execute arbitrary code.",
"fixed_versions": [
"3.3.2"
],
"identifier": "CVE-2015-5147",
"identifiers": [
"CVE-2015-5147"
],
"not_impacted": "All versions starting from 3.3.2",
"package_slug": "gem/redcarpet",
"pubdate": "2015-07-14",
"solution": "Upgrade to version 3.3.2 or above.",
"title": "Stack Overflow via header_anchor()",
"urls": [
"http://seclists.org/oss-sec/2015/q2/818",
"https://github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fb"
],
"uuid": "4133ae66-4c4a-4a2b-9f27-8ebcf85621d2"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redcarpet_project:redcarpet:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.3.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5147"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75508",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/75508"
},
{
"name": "[oss-security] 20150629 CVE request: Stack overflow in redcarpet\u0027s header_anchor",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2015/06/29/3"
},
{
"name": "https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md",
"refsource": "CONFIRM",
"tags": [],
"url": "https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md"
},
{
"name": "[oss-security] 20150630 Re: CVE request: Stack overflow in redcarpet\u0027s header_anchor",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2015/06/30/10"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2015-07-14T18:23Z",
"publishedDate": "2015-07-14T16:59Z"
}
}
}