Lucene search
K

97 matches found

Fedora
Fedora
added 2018/10/09 12:7 a.m.19 views

[SECURITY] Fedora 29 Update: python-markdown2-2.3.6-1.fc29

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

6.1CVSS1.6AI score0.00812EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2018/07/12 8:29 p.m.20 views

markdown2 is vulnerable to cross-site scripting

An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final character from...

6.1CVSS1.4AI score0.00812EPSS
Exploits0References8Affected Software1
CNVD
CNVD
added 2018/01/19 12:0 a.m.4 views

markdown2 cross-site scripting vulnerability

markdown2 a.k.a. python-markdown2 is a lightweight markup language implemented in Python, developed by American software developer John Gruber John Gruber, which supports the conversion of plain-text formatted documents into valid XHTML or HTML documents. A cross-site scripting vulnerability exis...

6.1CVSS6.1AI score0.00812EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2018/01/18 9:29 p.m.2 views

aequitas (>=0.26.0 <=0.42.0), codalab (>=0.5.29 <=0.5.52) +13 more potentially affected by CVE-2018-5773 via markdown2 (>=2.3.0 <=2.3.5)

markdown2 PYPI version =2.3.0, =0.26.0, =0.5.29, =3.8.3, =0.0.1, =0.7.0a1, =0.4.3, =2.1.0, =1.13.0, =2.1.0, =2.24.1, =4.2.0, =5.5.5 Source cves: CVE-2018-5773 Source advisory: OSV:PYSEC-2018-13...

6.1CVSS6.3AI score0.00812EPSS
Exploits0
PyPA
PyPA
added 2018/01/18 9:29 p.m.4 views

PYSEC-2018-13

An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...

6.1CVSS6.3AI score0.00812EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/01/18 9:29 p.m.12 views

CVE-2018-5773

An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...

6.1CVSS5.9AI score0.00812EPSS
Exploits0References1
OSV
OSV
added 2018/01/18 9:29 p.m.18 views

CVE-2018-5773

An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...

6.1CVSS6AI score
Exploits0References1
Prion
Prion
added 2018/01/18 9:29 p.m.11 views

Design/Logic Flaw

An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...

4.3CVSS5.8AI score0.00812EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/01/18 9:0 p.m.85 views

CVE-2018-5773

The CVE-2018-5773 vulnerability affects python-markdown2 (markdown2) up to version 2.3.5, where safe_mode fails to properly escape input, enabling XSS with crafted payloads (e.g., missing final '&gt;' in an IMG tag). Public fixes are documented in Fedora advisories for 2.3.7 (and related opensuse...

6.1CVSS5.6AI score0.00812EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/01/18 9:0 p.m.21 views

CVE-2018-5773

An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...

5.8AI score0.00812EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/11/11 12:0 a.m.21 views

Fedora Core 11 FEDORA-2009-10329 (python-markdown2)

The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10329. OpenVAS Vulnerability Test $Id: fcore200910329.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10329 python-markdown2 Authors: Thomas Reinke Copyright...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2009/11/11 12:0 a.m.9 views

Fedora Core 10 FEDORA-2009-10377 (python-markdown2)

The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10377. OpenVAS Vulnerability Test $Id: fcore200910377.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10377 python-markdown2 Authors: Thomas Reinke Copyright...

Exploits0
OpenVAS
OpenVAS
added 2009/11/11 12:0 a.m.17 views

Fedora Core 10 FEDORA-2009-10377 (python-markdown2)

The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10377. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyrig...

7.4AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/11/11 12:0 a.m.17 views

Fedora Core 11 FEDORA-2009-10329 (python-markdown2)

The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10329. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyrig...

7.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/10/28 12:0 a.m.14 views

Fedora 11 : python-markdown2-1.0.1.15-1.fc11 (2009-10329)

Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - Issue 30 Fix a possible XSS via JavaScript injection in a carefully crafted image reference usage of double-quotes in the URL. - Issue 29 Fix security hole in the md5-hashing scheme for handlin...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/10/28 12:0 a.m.11 views

Fedora 10 : python-markdown2-1.0.1.15-1.fc10 (2009-10377)

Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - Issue 30 Fix a possible XSS via JavaScript injection in a carefully crafted image reference usage of double-quotes in the URL. - Issue 29 Fix security hole in the md5-hashing scheme for handlin...

5.4AI score
Exploits0References2
Fedora
Fedora
added 2009/10/27 7:21 a.m.18 views

[SECURITY] Fedora 11 Update: python-markdown2-1.0.1.15-1.fc11

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

1.6AI score
Exploits0
Rows per page
Query Builder