5 matches found
EUVD-2023-0728
Malicious code in bioql PyPI...
EUVD-2023-0709
Malicious code in bioql PyPI...
GHSA-GPVJ-GP8C-C7P2 Regular Expression Denial of Service in simple-markdown
A vulnerability has been found in simple-markdown 0.5.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file simple-markdown.js. The manipulation leads to inefficient regular expression complexity. The attack can be launched remotely. Upgrading to...
@anzeblabla/react-native-markdown-editor (>=1.0.3 <=2.1.1), @gorangajic/react-native-markdown (=0.1.1) +22 more potentially affected by CVE-2019-9844 via simple-markdown (>=0.0.9 <=0.4.2)
simple-markdown NPM version =0.0.9, =1.0.3, =1.3.0, =1.0.1, =1.0.4, =2.3.0, =0.1.0, =1.2.0, =2.4.0, =1.2.0, =1.1.0, =1.0.0, =1.10.0 and more Source cves: CVE-2019-9844 Source advisory: OSV:GHSA-QJ3F-9GMQ-FWV5...
simple-markdown cross-site scripting vulnerability
simple-markdown is a simple, extensible Markdown-like parser . A cross-site scripting vulnerability exists in simple-markdown.js in Khan Academy simple-markdown versions prior to 0.4.4. The vulnerability can be exploited to conduct cross-site scripting attacks via the data: or vbscript: URI...