Advisories for Gem/Redcarpet package

In Redcarpet there is an injection vulnerability which can enable a cross-site scripting attack. This applies even when the :escape_html option was being used.

The package redcarpet contains a flaw that allows a stack overflow. This flaw exists because the header_anchor() function in html.c uses variable length arrays (VLA) without any range checking. This may allow a remote attacker to execute arbitrary code.

There's a flaw that allows a cross-site scripting (XSS) attack. This flaw exists because the parse_inline() function in markdown.c does not validate input before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.