12 matches found
OPENSUSE-SU-2026:21339-1 Security update for python-mistune
This update for python-mistune fixes the following issues - CVE-2026-59922: quadratic-time parsing on long runs of some markers in formatting.py can lead to DoS bsc1271117. - CVE-2026-59923: HTMLRenderer.safeurl does not block percent-encoded javascript URIs and allows for XSS bsc1271119. -...
Linux Distros Unpatched Vulnerability : CVE-2026-59930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable...
DEBIAN-CVE-2026-44898
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, rendertocul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...
CVE-2026-44897 Mistune Heading ID Attribute Injection XSS
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape, safeentity, or any other sanitisation function. A double-quote character " in...
CVE-2026-44897 Mistune Heading ID Attribute Injection XSS
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape, safeentity, or any other sanitisation function. A double-quote character " in...
EUVD-2026-31994
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape, safeentity, or any other sanitisation function. A double-quote character " in...
CVE-2026-44897
Mistune prior to 3.2.1 constructs the HTML heading tag by appending the id attribute value directly, without escaping. If the heading_id callback returns raw text containing quotes or markup, an attacker can inject arbitrary attributes (e.g., onmouseover, src, href) into the element, enabling XS...
CVE-2026-44897
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape, safeentity, or any other sanitisation function. A double-quote character " in...
GHSA-V87V-83H2-53W7 Mistune Heading ID Attribute has Injection XSS
Summary HTMLRenderer.heading builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape, safeentity, or any other sanitisation function. A double-quote character " in the id value terminates the attribute, allowing an attacker to inject...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the HTMLRenderer heading rendering path in the HTML renderer. An attacker can inject arbitrary HTML by supplying a heading id attribute value that contains quotes and markup. The rendered output can be alter...
Mistune Heading ID Attribute has Injection XSS
Summary HTMLRenderer.heading builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape, safeentity, or any other sanitisation function. A double-quote character " in the id value terminates the attribute, allowing an attacker to inject...
PT-2026-39330
Name of the Vulnerable Software and Affected Versions mistune versions prior to 3.2.1 Description In the HTMLRenderer.heading function within src/mistune/renderers/html.py, the id attribute of heading tags is constructed by directly concatenating the value into the HTML without sanitization. When...