High severityNVD Advisory· Published Jul 14, 2015· Updated Jun 17, 2026
CVE-2015-5147
CVE-2015-5147
Description
Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
redcarpetRubyGems | >= 3.3.0, < 3.3.2 | 3.3.2 |
Affected products
2Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-7322-9mx6-5j2mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-5147ghsaADVISORY
- www.openwall.com/lists/oss-security/2015/06/29/3nvdWEB
- www.openwall.com/lists/oss-security/2015/06/30/10nvdWEB
- github.com/vmg/redcarpet/blob/master/CHANGELOG.mdnvdWEB
- github.com/vmg/redcarpet/commit/2cee777c1e5babe8a1e2683d31ea75cc4afe55fbghsaWEB
- web.archive.org/web/20150711061256/http://www.securityfocus.com/bid/75508ghsaWEB
- www.securityfocus.com/bid/75508nvd
News mentions
0No linked articles in our index yet.