32 matches found
CVE-2025-68142 PyMdown Extensions has ReDOS bug in Figure Capture extension
PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. Versions prior to 10.16.1 have a ReDOS bug found within the figure caption extension pymdownx.blocks.caption. In systems that take unchecked user content, this could cause long hanges when processing the data if a...
CVE-2025-68142 PyMdown Extensions has ReDOS bug in Figure Capture extension
PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. Versions prior to 10.16.1 have a ReDOS bug found within the figure caption extension pymdownx.blocks.caption. In systems that take unchecked user content, this could cause long hanges when processing the data if a...
PyMdown Extensions 安全漏洞
PyMdown Extensions is a collection of extensions for Python Markdown by the individual developer Isaac Muse. A security vulnerability exists in PyMdown Extensions versions prior to 10.16.1, which stems from a ReDOS vulnerability in the configure caption extension, which could lead to prolonged...
CVE-2025-68142
creationtimestamp| type| source ---|---|--- 2025-12-15 22:07:58+00:00| published-proof-of-concept| https://github.com/facelessuser/pymdown-extensions/security/advisories/GHSA-r6h4-mm7h-8pmq...
EUVD-2023-1568
Malicious code in bioql PyPI...
Regular Expression Denial of Service (ReDoS)
Overview pymdown-extensions is an Extension pack for Python Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the figure caption extension, pymdownx.blocks.caption. A user could exploit this vulnerability by crafting a malicious input tha...
CVE-2023-32309
PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax --8--"/etc/passwd" or --8--"/proc/self/environ" the content of these files will be rendered in the...
CVE-2023-32309
PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax --8--"/etc/passwd" or --8--"/proc/self/environ" the content of these files will be rendered in the...
CVE-2023-32309
CVE-2023-32309 affects PyMdown Extensions (Python-Markdown extensions) and specifically the Snippets feature. The vulnerability allows arbitrary file read via include-file syntax and directory-tr traversal beyond a configured base path, e.g. paths like /etc/passwd or /proc/self/environ can be exp...
CVE-2023-32309 Arbitrary file inclusion with the pymdowm-snippets extension
PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax --8--"/etc/passwd" or --8--"/proc/self/environ" the content of these files will be rendered in the...
PyMdown Extensions 路径遍历漏洞
PyMdown Extensions is a collection of extensions for Python Markdown. PyMdown Extensions suffers from a path traversal vulnerability that stems from vulnerability to directory traversal attacks, which could be exploited by an attacker to read arbitrary files...
PT-2023-23718
Name of the Vulnerable Software and Affected Versions PyMdown Extensions versions prior to 10.0 Description The issue allows for an arbitrary file read when using include file syntax. By using the syntax --8--"/etc/passwd" or --8--"/proc/self/environ", the content of these files will be rendered ...