Monthly
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.