VIR Vulnerability Intelligence Relay

Package impact

ruby RubyGems / kramdown

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2021-28834 medium 5.5 5y ago Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated.