How severe is CVE-2024-44337?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.1 out of 10.

What type of vulnerability is CVE-2024-44337?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2024-44337

MEDIUM Year: 2024

CVSS v3 Score

5.1

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. Submit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contains fixes to this problem.

CVE-2016-0641

MEDIUM

CVSS:5.1(Medium)

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users ...

NVD-CWE-Other2016

CVE-2016-5746

MEDIUM

CVSS:5.1(Medium)

libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by rea...

NVD-CWE-Other2016

CVE-2017-10054

MEDIUM

CVSS:5.1(Medium)

Vulnerability in the Oracle Hospitality Cruise Materials Management component of Oracle Hospitality Applications (subcomponent: MMS). The supported version that is affected is 7.30.564.0. Easily explo...

NVD-CWE-Other2017

CVE-2017-10419

MEDIUM

CVSS:5.1(Medium)

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: PMS). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerab...

NVD-CWE-Other2017

CVE-2017-3504

MEDIUM

CVSS:5.1(Medium)

Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnera...

NVD-CWE-Other2017