97 matches found
[SECURITY] Fedora 29 Update: python-markdown2-2.3.6-1.fc29
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
markdown2 is vulnerable to cross-site scripting
An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final character from...
markdown2 cross-site scripting vulnerability
markdown2 a.k.a. python-markdown2 is a lightweight markup language implemented in Python, developed by American software developer John Gruber John Gruber, which supports the conversion of plain-text formatted documents into valid XHTML or HTML documents. A cross-site scripting vulnerability exis...
aequitas (>=0.26.0 <=0.42.0), codalab (>=0.5.29 <=0.5.52) +13 more potentially affected by CVE-2018-5773 via markdown2 (>=2.3.0 <=2.3.5)
markdown2 PYPI version =2.3.0, =0.26.0, =0.5.29, =3.8.3, =0.0.1, =0.7.0a1, =0.4.3, =2.1.0, =1.13.0, =2.1.0, =2.24.1, =4.2.0, =5.5.5 Source cves: CVE-2018-5773 Source advisory: OSV:PYSEC-2018-13...
PYSEC-2018-13
An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...
CVE-2018-5773
An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...
CVE-2018-5773
An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...
Design/Logic Flaw
An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...
CVE-2018-5773
The CVE-2018-5773 vulnerability affects python-markdown2 (markdown2) up to version 2.3.5, where safe_mode fails to properly escape input, enabling XSS with crafted payloads (e.g., missing final '>' in an IMG tag). Public fixes are documented in Fedora advisories for 2.3.7 (and related opensuse...
CVE-2018-5773
An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...
Fedora Core 11 FEDORA-2009-10329 (python-markdown2)
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10329. OpenVAS Vulnerability Test $Id: fcore200910329.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10329 python-markdown2 Authors: Thomas Reinke Copyright...
Fedora Core 10 FEDORA-2009-10377 (python-markdown2)
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10377. OpenVAS Vulnerability Test $Id: fcore200910377.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10377 python-markdown2 Authors: Thomas Reinke Copyright...
Fedora Core 10 FEDORA-2009-10377 (python-markdown2)
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10377. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyrig...
Fedora Core 11 FEDORA-2009-10329 (python-markdown2)
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10329. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyrig...
Fedora 11 : python-markdown2-1.0.1.15-1.fc11 (2009-10329)
Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - Issue 30 Fix a possible XSS via JavaScript injection in a carefully crafted image reference usage of double-quotes in the URL. - Issue 29 Fix security hole in the md5-hashing scheme for handlin...
Fedora 10 : python-markdown2-1.0.1.15-1.fc10 (2009-10377)
Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - Issue 30 Fix a possible XSS via JavaScript injection in a carefully crafted image reference usage of double-quotes in the URL. - Issue 29 Fix security hole in the md5-hashing scheme for handlin...
[SECURITY] Fedora 11 Update: python-markdown2-1.0.1.15-1.fc11
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...