Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.24 views

Fedora 30 : nodejs-simple-markdown (2019-bce274cbf6)

Update to latest upstream release, fix CVE-2019-9844 rhbz1695304, Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

6.1CVSS6.1AI score0.01274EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/04/15 12:0 a.m.26 views

Fedora 28 : nodejs-simple-markdown (2019-8e7c71f45b)

Update to latest upstream release, fix CVE-2019-9844 rhbz1695304, Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

6.1CVSS6.1AI score0.01274EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2019/04/09 7:47 p.m.4 views

@anzeblabla/react-native-markdown-editor (>=1.0.3 <=2.1.1), @gorangajic/react-native-markdown (=0.1.1) +22 more potentially affected by CVE-2019-9844 via simple-markdown (>=0.0.9 <=0.4.2)

simple-markdown NPM version =0.0.9, =1.0.3, =1.3.0, =1.0.1, =1.0.4, =2.3.0, =0.1.0, =1.2.0, =2.4.0, =1.2.0, =1.1.0, =1.0.0, =1.10.0 and more Source cves: CVE-2019-9844 Source advisory: OSV:GHSA-QJ3F-9GMQ-FWV5...

6.1CVSS6.3AI score0.01274EPSS
Exploits0
NVD
NVD
added 2019/04/09 2:29 a.m.11 views

CVE-2019-9844

simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI...

6.1CVSS5.9AI score0.01274EPSS
Exploits0References5
OSV
OSV
added 2019/04/09 2:29 a.m.19 views

CVE-2019-9844

simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI...

6.1CVSS5.5AI score
Exploits0References5
CVE
CVE
added 2019/03/15 11:0 p.m.73 views

CVE-2019-9844

CVE-2019-9844 affects the Node package simple-markdown (Khan Academy’s simple-markdown) up to version 0.4.3. The vulnerability is a Cross‑Site Scripting (XSS) flaw caused by insufficient input sanitization in links, enabling execution of malicious JavaScript via data: or VBScript: URIs. The issue...

6.1CVSS5.7AI score0.01274EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2019/03/15 11:0 p.m.42 views

CVE-2019-9844

simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI...

5.9AI score0.01274EPSS
Exploits0References5
Rows per page
Query Builder