97 matches found
CVE-2026-25516
CVE-2026-25516 affects NiceGUI’s ui.markdown() in multiple sources (NVD, Red Hat, OSV, etc.). The vulnerability arises because markdown2’s default behavior allows raw HTML to pass through, enabling attacker-controlled content to inject HTML/JS event handlers when rendered via innerHTML. ui.markdo...
EUVD-2020-0105
Malware in sbrugna...
EUVD-2018-0089
Malware in sbrugna...
EUVD-2021-0118
Malware in sbrugna...
aequitas (>=0.26.0 <=0.42.0), ai-parrot (>=0.5.0 <=0.10.0) +75 more potentially affected by unknown CVE via markdown2 (>=2.3.0 <=2.5.3)
markdown2 PYPI version =2.3.0, =0.26.0, =0.5.0, =0.0.1, =0.0.1, =2.0.4, =0.39.0, =0.1.0, =0.0.465, =0.0.45, =0.5.29, =0.1.1, =0.1.0, =0.1.2 - criscostack =1.0.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-MARKDOWN2-11356592...
CVE-2009-3724
python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues...
aequitas (>=0.26.0 <=0.42.0), ai-parrot (>=0.5.0 <=0.10.0) +66 more potentially affected by unknown CVE via markdown2 (>=2.3.0 <=2.5.0)
markdown2 PYPI version =2.3.0, =0.26.0, =0.5.0, =0.0.1, =0.0.1, =2.0.4, =0.39.0, =0.1.0, =0.0.465, =0.0.45, =0.5.29, =0.1.1, =0.1.0, =0.1.2 - criscostack =1.0.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-MARKDOWN2-8320937...
OPENSUSE-SU-2024:14146-1 python310-markdown2-2.4.13-1.2 on GA media
These are all security issues fixed in the python310-markdown2-2.4.13-1.2 package on the GA media of openSUSE Tumbleweed...
FreeBSD : py-markdown2 -- XSS vulnerability (cf6f3465-e996-4672-9458-ce803f29fdb7)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cf6f3465-e996-4672-9458-ce803f29fdb7 advisory. - python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match...
FreeBSD : py-markdown2 -- regular expression denial of service vulnerability (c9b3324f-8e03-4ae3-89ce-8098cdc5bfa9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c9b3324f-8e03-4ae3-89ce-8098cdc5bfa9 advisory. - markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service...
SUSE CVE-2021-26813
markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time...
aequitas (>=0.26.0 <=0.42.0), ankiin (>=0.0.1 <=0.1.7) +44 more potentially affected by unknown CVE via markdown2 (>=2.3.0 <=2.4.10)
markdown2 PYPI version =2.3.0, =0.26.0, =0.0.1, =0.0.1, =0.39.0, =0.1.0, =0.0.511, =0.0.45, =0.5.29, =0.0.1a1, =3.8.3, =0.1.3, =0.1.661, =0.0.1, =0.0.6 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-MARKDOWN2-3247624...
Cross-site scripting in markdown2 for python
python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues...
GHSA-72CX-5FF9-4HHC Cross-site scripting in markdown2 for python
python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues...
Fedora: Security Advisory for python-markdown2 (FEDORA-2021-3d53fe8dff)
The remote host is missing an update for the...
Fedora: Security Advisory for python-markdown2 (FEDORA-2021-2ea12ae478)
The remote host is missing an update for the...
[SECURITY] Fedora 35 Update: python-markdown2-2.4.2-1.fc35
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
Inefficient Regular Expression Complexity in trentm/python-markdown2
Description: I would like to report a Regular Expression Denial of Service (ReDoS) vulnerability in markdown2. The ReDoS vulnerability is mainly due to the sub-pattern with quantified overlapping adjacency and can be exploited with the following code. Proof of Concept: // PoC.py import markdown2 from...
markdown2 Regular Expression Denial of Service
markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time...
aequitas (>=0.26.0 <=0.42.0), askbot (=0.12.3) +29 more potentially affected by CVE-2021-26813 via markdown2 (>=2.3.0 <=2.3.9)
markdown2 PYPI version =2.3.0, =0.26.0, =0.39.0, =0.1.0, =0.5.29, =3.8.3, =0.0.1, =0.4.1, =0.0.1, =0.7.0a1, =0.7.0a2 - markb =0.2.6 - mnemocards =0.1.1 and more Source cves: CVE-2021-26813 Source advisory: OSV:GHSA-JR9P-R423-9M2R...