Lucene search
K

26 matches found

OSV
OSV
added 2025/09/19 4:16 a.m.4 views

CVE-2025-59717

In the @digitalocean/do-markdownit package through 1.16.1 in npm, the callout and fenceenvironment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string instead of an array...

9.8CVSS6.8AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/19 12:0 a.m.3 views

CVE-2025-59717

In the @digitalocean/do-markdownit package through 1.16.1 in npm, the callout and fenceenvironment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string instead of an array...

5.4CVSS6.5AI score0.00361EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.8 views

PT-2025-38507

Name of the Vulnerable Software and Affected Versions @digitalocean/do-markdownit versions through 1.16.1 Description The callout and fence environment plugins in the @digitalocean/do-markdownit package perform .includes substring matching if allowedClasses or allowedEnvironments is a string...

9.8CVSS6.4AI score0.00361EPSS
Exploits1References12
Cvelist
Cvelist
added 2025/09/19 12:0 a.m.7 views

CVE-2025-59717

In the @digitalocean/do-markdownit package through 1.16.1 in npm, the callout and fenceenvironment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string instead of an array...

5.4CVSS0.00361EPSS
Exploits1References3
CVE
CVE
added 2025/09/19 12:0 a.m.19 views

CVE-2025-59717

The CVE concerns the @digitalocean/do-markdownit package (through v1.16.1). The callout and fence_environment plugins treat allowedClasses/allowedEnvironments as strings by using a substring check, instead of requiring an array. This leads to a type confusion-like behavior and potential bypass of...

9.8CVSS6.5AI score0.00361EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/01/17 2:7 p.m.2 views

OESA-2025-1044 apache-mina security update

Apache MINA is a network application framework which helps users develop high performance and high scalability network applications easily. It provides an abstract event-driven asynchronous API over various transports such as TCP/IP and UDP/IP via Java NIO. Security Fixes: The...

10CVSS8.2AI score0.23932EPSS
Exploits0References2
Rows per page
Query Builder