Lucene search
K

9 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.5 views

SUSE CVE-2018-5773

An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...

6.1CVSS6AI score0.00812EPSS
Exploits0References2
Veracode
Veracode
added 2020/07/07 7:40 a.m.18 views

Cross-Site Scripting (XSS)

markdown2 is vulnerable to cross-site scripting XSS attacks. The vulnerability is introduced because of using a loosely defined regular expression for incompletetagsre string in the function encodeampsandangles causing a bypass of HTML element if a user passes a malicious string with a new line...

6.1CVSS0.9AI score0.00812EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/02/18 12:0 a.m.21 views

Fedora Update for python-markdown2 FEDORA-2019-a16e1127d3

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.2AI score0.00812EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.21 views

Fedora 29 : python-markdown2 (2018-6a8028084d)

python-markdown2 2.3.6 - pull 282 Add TOC depth option - pull 283 Fix to add TOC html to output via CLI - pull 284 Do not remove anchors in safemode - pull 288 fixing cuddled-lists with a single list item - pull 292 Fix Wrong rendering of last list element - pull 295 link-patterns fix - pull 300...

6.1CVSS6.1AI score0.00812EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/10/11 12:0 a.m.17 views

Fedora Update for python-markdown2 FEDORA-2018-e52160d0bc

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.3AI score0.00812EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/11 12:0 a.m.18 views

Fedora 27 : python-markdown2 (2018-e52160d0bc)

python-markdown2 2.3.6 - pull 282 Add TOC depth option - pull 283 Fix to add TOC html to output via CLI - pull 284 Do not remove anchors in safemode - pull 288 fixing cuddled-lists with a single list item - pull 292 Fix Wrong rendering of last list element - pull 295 link-patterns fix - pull 300...

6.1CVSS6.1AI score0.00812EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2018/07/12 8:29 p.m.3 views

aequitas (>=0.26.0 <=0.42.0), codalab (>=0.5.29 <=0.5.52) +13 more potentially affected by CVE-2018-5773 via markdown2 (>=2.3.0 <=2.3.5)

markdown2 PYPI version =2.3.0, =0.26.0, =0.5.29, =3.8.3, =0.0.1, =0.7.0a1, =0.4.3, =2.1.0, =1.13.0, =2.1.0, =2.24.1, =4.2.0, =5.5.5 Source cves: CVE-2018-5773 Source advisory: OSV:GHSA-P6H9-GW49-RQM4...

6.1CVSS6.3AI score0.00812EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/01/18 9:29 p.m.2 views

aequitas (>=0.26.0 <=0.42.0), codalab (>=0.5.29 <=0.5.52) +13 more potentially affected by CVE-2018-5773 via markdown2 (>=2.3.0 <=2.3.5)

markdown2 PYPI version =2.3.0, =0.26.0, =0.5.29, =3.8.3, =0.0.1, =0.7.0a1, =0.4.3, =2.1.0, =1.13.0, =2.1.0, =2.24.1, =4.2.0, =5.5.5 Source cves: CVE-2018-5773 Source advisory: OSV:PYSEC-2018-13...

6.1CVSS6.3AI score0.00812EPSS
Exploits0
CVE
CVE
added 2018/01/18 9:0 p.m.85 views

CVE-2018-5773

The CVE-2018-5773 vulnerability affects python-markdown2 (markdown2) up to version 2.3.5, where safe_mode fails to properly escape input, enabling XSS with crafted payloads (e.g., missing final '&gt;' in an IMG tag). Public fixes are documented in Fedora advisories for 2.3.7 (and related opensuse...

6.1CVSS5.6AI score0.00812EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder