Lucene search
+L

4 matches found

osv
osv
added 2026/07/08 5:17 p.m.4 views

UBUNTU-CVE-2026-59925

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, long sequences of well-formed double-asterisk or triple-asterisk emphasis pairs around a character cause quadratic work in src/mistune/inlineparser.py because the parser scans forward for matching close markers from...

7.5CVSS6.1AI score0.00358EPSS
Exploits1References3
osv
osv
added 2026/07/08 5:17 p.m.4 views

UBUNTU-CVE-2026-59926

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, renderadmonition in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without escaping, allowing attribute injection and cross-site scripting even...

6.1CVSS6AI score0.00191EPSS
Exploits0References3
osv
osv
added 2026/07/08 5:17 p.m.2 views

UBUNTU-CVE-2026-59928

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a Markdown document containing many repeated or distinct reference-link definitions causes quadratic work in src/mistune/blockparser.py and the reflinks environment dictionary handling, allowing denial of service...

7.5CVSS6.1AI score0.00366EPSS
Exploits1References3
debiancve
debiancve
added 2026/07/08 4:20 p.m.5 views

CVE-2026-59929

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safeurl filter in src/mistune/renderers/html.py blocks only javascript:, vbscript:, file:, and data: schemes, allowing legacy or chained schemes such as feed:, view-source:, jar:, livescript:, mocha:, ms-its:, mk:...

6.1CVSS6AI score0.00198EPSS
Exploits1
Rows per page
Query Builder