md4c_project 漏洞與 CVE 列表（8）

產品（CPE）: — CVE 數: 8

md4c_project 漏洞概覽

彙總 md4c_project 相關全部產品的 CVE 與安全漏洞情報，包括 CVSS、EPSS、公開時間與漏洞情報資料。

常見弱點模式包括緩衝區溢位與記憶體損壞，在生產負載與軟體部署使用場景中可能帶來應用程式崩潰與記憶體損壞等風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告，可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢（近 24 個月）

CVE	摘要	來源	最高 CVSS	EPSS %	公開時間	更新時間
CVE-2021-30027	md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory, and cause a denial of service via a malformed Markdown document.	[email protected]	5.5	0.70%	2021-04-29	2026-06-16
CVE-2020-26148	md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.	[email protected]	7.5	1.41%	2020-09-30	2026-06-16
CVE-2018-12112	md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.	[email protected]	7.8	1.27%	2018-06-11	2026-06-16
CVE-2018-12102	md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block.	[email protected]	5.5	0.85%	2018-06-11	2026-06-16
CVE-2018-11547	md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination.	[email protected]	9.8	1.63%	2018-05-29	2026-06-16
CVE-2018-11546	md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error.	[email protected]	9.8	1.63%	2018-05-29	2026-06-16
CVE-2018-11545	md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because md_is_link_label mishandles the case of a link label composed solely of backslash escapes.	[email protected]	9.8	1.59%	2018-05-29	2026-06-16
CVE-2018-11536	md4c before 0.2.5 has a heap-based buffer overflow because md_split_simple_pairing_mark mishandles splits.	[email protected]	9.8	1.71%	2018-05-29	2026-06-16

cvelogic Threat Intelligence