md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption
Buffer Overflow
Md2Roff
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.7%