Upstream information

CVE-2018-11504 at MITRE

Description

The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having not set severity.

SUSE Bugzilla entry: 1094805

No SUSE Security Announcements cross referenced.