Patching for Windows Mac Linux
CVE Vulnerabilities for reMarkable
| CVE | Published | Severity | Details | Exploitability | Impact | Vector |
|---|---|---|---|---|---|---|
| CVE‑2019‑12043 | 2019‑05‑13 14:29:02 | MEDIUM (4) | In remarkable 1.7.1, lib/parser_inline.js mishandles URL filtering, which allows attackers to trigger XSS via unprintable characters, as demonstrated by a \x0ejavascript: URL. | 0 | 0 | NETWORK |
| CVE‑2019‑12041 | 2019‑05‑13 13:29:02 | HIGH (8) | lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression Denial of Service (ReDoS) via a CDATA section. | 4 | 4 | NETWORK |
| CVE‑2017‑16006 | 2018‑06‑04 19:29:01 | MEDIUM (4) | Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute javascript. | 0 | 0 | NETWORK |
| CVE‑2014‑10065 | 2018‑05‑31 20:29:00 | MEDIUM (4) | Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content. | 0 | 0 | NETWORK |
What applications does Lavawall® monitor?
Lavawall monitors patches for over 7,500 applications. This is a summary of the most popular applications.Click here for the full list.
Click the applications below for the current version and known vulnerabilities.
Logos are property of their respective trademark holders and are not affiliated with ThreeShield or Lavawall. We have not audited the security of most of the listed tools.
The above listing includes products that Lavawall® monitors through public information and/or proprietary statistical analysis.
Although we do have a partner relationship with some of the listed products and companies, they do not necessarily endorse Lavawall® or have integrations with our systems.