CVE-2022-39209

Risk Scores

Affected Products

Exploit Intelligence

• DoS via markdown API from unauthenticated user (hackerone)
• DoS via markdown API from unauthenticated user (hackerone)
• DoS via markdown API from unauthenticated user (hackerone)
• https://github.com/github/cmark-gfm/security/advisories/GHSA-cgh3-p57x-9q7q (circl)
• https://github.com/github/cmark-gfm/commit/9d57d8a23142b316282bdfc954cb0ecda40a8655 (circl)
• https://en.wikipedia.org/wiki/Time_complexity (circl)
• FEDORA-2022-6bcee2cc93 (circl)
• FEDORA-2022-f1aed93db8 (circl)
• FEDORA-2022-dc6d6d9d6c (circl)

Timeline

• CVE Published
• Sep 16, 2022 EPSS Score
• Dec 13, 2022 PoC Published
• Mar 7, 2023 EPSS Score
• Mar 17, 2025 EPSS Score
• Mar 29, 2025 EPSS Score
• Mar 30, 2025 EPSS Score
• May 1, 2025 EPSS Score
• May 4, 2025 EPSS Score
• Jun 1, 2025 EPSS Score
• Jun 4, 2025 EPSS Score
• Jul 1, 2025 EPSS Score

References

• https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1935.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1935 advisory
• https://bodhi.fedoraproject.org/updates/FEDORA-2023-d1e9e62a92 advisory
• https://nvd.nist.gov/vuln/detail/CVE-2022-23738 advisory
• https://github.com/advisories/GHSA-wq4h-7r42-5hrr advisory
• https://github.com/advisories/GHSA-xh29-r2w5-wx8m advisory
• https://lists.suse.com/pipermail/sle-security-updates/2022-November/012823.html advisory
• https://lists.suse.com/pipermail/sle-security-updates/2022-November/012945.html advisory
• https://lists.suse.com/pipermail/sle-security-updates/2022-November/012946.html advisory
• https://alas.aws.amazon.com/ALAS-2022-1648.html advisory