10 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-21535
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting XSS via the src property due to improper input sanitization. An...
Fedora: Security Advisory (FEDORA-2024-6aa3b5248f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : jupyterlab / python-notebook (2024-d335b971e7)
The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-d335b971e7 advisory. New jupyterlab and notebook fixing security vulnerabilities. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 40 : jupyterlab / python-notebook (2024-c4377d35e6)
The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-c4377d35e6 advisory. New jupyterlab and notebook fixing security vulnerabilities. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora: Security Advisory (FEDORA-2024-c4377d35e6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-21535
creationtimestamp| type| source ---|---|--- 2024-10-15 07:44:14+00:00| seen| https://t.me/cvedetector/7882...
@0xgabi/1hive-ui (=1.0.11), @0xgabi/ui (>=1.4.3 <=1.9.5) +1868 more potentially affected by CVE-2024-21535 via markdown-to-jsx (>=2.0.1 <=7.3.2)
markdown-to-jsx NPM version =2.0.1, =1.4.3, =1.0.0, =1.0.5, =0.1.4, =1.0.0, =1.2.0, =1.0.0, =1.1.4, =1.16.0, =1.1.2, =0.5.19-20200320212412, =1.0.0-beta.10, =1.0.0, =1.0.5 - @admin-bro/design-system =1.4.0 and more Source cves: CVE-2024-21535 Source advisory: OSV:GHSA-4WX3-54GH-9FR9...
CVE-2024-21535
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting XSS via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown...
CVE-2024-21535
Technical details about CVE-2024-21535 are not provided in the connected documents. Monitoring for updates is advised.
@apolitical/component-library (>=1.7.0 <=10.5.0), @apolitical/styleguide2 (>=3.17.0-rc.1 <=7.8.1) +57 more potentially affected by CVE-2024-21535 via markdown-to-jsx (>=7.0.0 <=7.3.2)
markdown-to-jsx NPM version =7.0.0, =1.7.0, =3.17.0-rc.1, =1.0.6, =0.0.0-AddSnapshotPipeline-20240326102812, =6.1.1, =7.3.2, =0.1.0, =0.9.1, =0.1.0, =1.1.1, =0.2.36, =2.0.5, =2.0.12 and more Source cves: CVE-2024-21535 Source advisory: SNYK:JS-MARKDOWNTOJSX-6258886...