Lucene search
+L

32 matches found

OSV
OSV
added 2025/12/16 6:6 p.m.11 views

CVE-2025-68142 PyMdown Extensions has ReDOS bug in Figure Capture extension

PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. Versions prior to 10.16.1 have a ReDOS bug found within the figure caption extension pymdownx.blocks.caption. In systems that take unchecked user content, this could cause long hanges when processing the data if a...

6.9CVSS6.5AI score0.00363EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/16 6:6 p.m.33 views

CVE-2025-68142 PyMdown Extensions has ReDOS bug in Figure Capture extension

PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. Versions prior to 10.16.1 have a ReDOS bug found within the figure caption extension pymdownx.blocks.caption. In systems that take unchecked user content, this could cause long hanges when processing the data if a...

6.9CVSS0.00363EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.5 views

PyMdown Extensions 安全漏洞

PyMdown Extensions is a collection of extensions for Python Markdown by the individual developer Isaac Muse. A security vulnerability exists in PyMdown Extensions versions prior to 10.16.1, which stems from a ReDOS vulnerability in the configure caption extension, which could lead to prolonged...

6.9CVSS6.3AI score0.00363EPSS
Exploits1References3
Circl
Circl
added 2025/12/15 10:7 p.m.8 views

CVE-2025-68142

creationtimestamp| type| source ---|---|--- 2025-12-15 22:07:58+00:00| published-proof-of-concept| https://github.com/facelessuser/pymdown-extensions/security/advisories/GHSA-r6h4-mm7h-8pmq...

6.9CVSS5.8AI score0.00363EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1568

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01815EPSS
Exploits1References5
Snyk
Snyk
added 2025/07/21 3:26 a.m.1 views

Regular Expression Denial of Service (ReDoS)

Overview pymdown-extensions is an Extension pack for Python Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the figure caption extension, pymdownx.blocks.caption. A user could exploit this vulnerability by crafting a malicious input tha...

6.9CVSS6.8AI score0.00363EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:50 a.m.5 views

CVE-2023-32309

PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax --8--"/etc/passwd" or --8--"/proc/self/environ" the content of these files will be rendered in the...

7.5CVSS6.6AI score0.01815EPSS
Exploits1References1
NVD
NVD
added 2023/05/15 9:15 p.m.23 views

CVE-2023-32309

PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax --8--"/etc/passwd" or --8--"/proc/self/environ" the content of these files will be rendered in the...

7.5CVSS7.6AI score0.01815EPSS
Exploits1References2
CVE
CVE
added 2023/05/15 8:42 p.m.80 views

CVE-2023-32309

CVE-2023-32309 affects PyMdown Extensions (Python-Markdown extensions) and specifically the Snippets feature. The vulnerability allows arbitrary file read via include-file syntax and directory-tr traversal beyond a configured base path, e.g. paths like /etc/passwd or /proc/self/environ can be exp...

7.5CVSS7.4AI score0.01815EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/05/15 8:42 p.m.23 views

CVE-2023-32309 Arbitrary file inclusion with the pymdowm-snippets extension

PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax --8--"/etc/passwd" or --8--"/proc/self/environ" the content of these files will be rendered in the...

7.5CVSS7.4AI score0.01815EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/05/15 12:0 a.m.10 views

PyMdown Extensions 路径遍历漏洞

PyMdown Extensions is a collection of extensions for Python Markdown. PyMdown Extensions suffers from a path traversal vulnerability that stems from vulnerability to directory traversal attacks, which could be exploited by an attacker to read arbitrary files...

7.5CVSS7.5AI score0.01815EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/05/15 12:0 a.m.2 views

PT-2023-23718

Name of the Vulnerable Software and Affected Versions PyMdown Extensions versions prior to 10.0 Description The issue allows for an arbitrary file read when using include file syntax. By using the syntax --8--"/etc/passwd" or --8--"/proc/self/environ", the content of these files will be rendered ...

7.5CVSS6.1AI score0.01815EPSS
Exploits1References13
Rows per page
Query Builder