Lucene search
GoogleOSV:PYSEC-2017-18HistoryDec 29, 2017 - 3:29 p.m.
PYSEC-2017-18
2017-12-2915:29:00
Google
osv.dev
8
0.001 Low
EPSS
Percentile
49.2%
Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the “key” argument.
References
bugzilla.redhat.com/show_bug.cgi?id=1524596
github.com/advisories/GHSA-98gj-wwxm-cj3h
github.com/lepture/mistune/blob/master/CHANGES.rst
github.com/lepture/mistune/commit/5f06d724bc05580e7f203db2d4a4905fc1127f98
lists.fedoraproject.org/archives/list/[email protected]/message/NUR3GMHQBMA3UC4PFMCK6GCLOQC4LQQC/
Related
nvd
nvd
CVE-2017-16876
2017-12-29 15:29:00
osv
osv
mistune Cross-site scripting (XSS) vulnerability
2019-01-04 17:47:50
CVE-2017-16876
2017-12-29 15:29:00
veracode
veracode
Cross-site Scripting (XSS)
2017-11-24 02:04:25
cvelist
cvelist
CVE-2017-16876
2017-12-29 15:00:00
prion
prion
Cross site scripting
2017-12-29 15:29:00
ubuntucve
ubuntucve
CVE-2017-16876
2017-12-29 00:00:00
debiancve
debiancve
CVE-2017-16876
2017-12-29 15:29:00
cve
cve
CVE-2017-16876
2017-12-29 15:29:00
github
github
mistune Cross-site scripting (XSS) vulnerability
2019-01-04 17:47:50
nessus
nessus
Fedora 26 : python-mistune (2017-7b4149911a)
2017-12-28 00:00:00
Fedora 27 : python-mistune (2017-2eefd424bd)
2018-01-15 00:00:00
openSUSE Security Update : python-mistune (openSUSE-2018-148)
2018-02-09 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: python-mistune-0.8.3-1.fc26
2017-12-27 20:52:21
[SECURITY] Fedora 27 Update: python-mistune-0.8.3-1.fc27
2017-12-29 18:45:31
mageia
mageia
Updated python-mistune packages fix security vulnerabilities
2018-01-07 19:06:39
openvas
openvas
Mageia: Security Advisory (MGASA-2018-0066)
2022-01-28 00:00:00
Fedora Update for python-mistune FEDORA-2017-7b4149911a
2017-12-29 00:00:00
Fedora Update for python-mistune FEDORA-2017-2eefd424bd
2017-12-30 00:00:00