Debian Ruby-Redcarpet vulnerabilities

CVE-2020-26298 [MEDIUM] CVE-2020-26298: ruby-redcarpet - Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version... Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the `:escape_html` option was being used. This is fixed in version 3.5.1 by the re

CVE-2015-5147 [HIGH] CVE-2015-5147: ruby-redcarpet - Stack-based buffer overflow in the header_anchor function in the HTML renderer i... Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved