Vulnerabilities > CVE-2020-26148 - Use of Uninitialized Resource vulnerability in Md4C Project Md4C 0.4.5

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
md4c-project
CWE-908

Summary

md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.

Vulnerable Configurations

Part Description Count
Application
Md4C_Project
1

Common Weakness Enumeration (CWE)