writeups.xyz / The MarkdownTime Vulnerability: How to Avoid This DoS Attack on Business Critical Services

Submitter : c2a

Date: 18 January 2023

Bounty : undisclosed

Vulnerabilities :

• DoS

Programs :

• GitLab
• GitHub
• Commonmarker RubyGem

Authors :

• Tor Beer (@Tor19951)

Link :
https://www.legitsecurity.com/blog/dos-via-software-supply-chain-innumerable-projects-exposed-to-a-markdown-library-vulnerability