3 matches found
GHSA-62Q4-447F-WV8H Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path
Summary pymdownx.snippets has a regression of the CVE-2023-32309 / GHSA-jh85-wwv9-24hv fix. With restrictbasepath: True the default, the current filename.startswithbase containment check does not enforce a directory boundary. As a result, a markdown snippet directive can read files from sibling...
Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path
Summary pymdownx.snippets has a regression of the CVE-2023-32309 / GHSA-jh85-wwv9-24hv fix. With restrictbasepath: True the default, the current filename.startswithbase containment check does not enforce a directory boundary. As a result, a markdown snippet directive can read files from sibling...
PT-2026-42035
Name of the Vulnerable Software and Affected Versions pymdown-extensions versions 10.0.1 through 10.21.2 Description A regression in the pymdownx.snippets extension allows for arbitrary file read on the host system where the build runs. When restrict base path is set to True, the software uses a...