2 matches found
CVE-2023-32309
CVE-2023-32309 affects PyMdown Extensions (Python-Markdown extensions) and specifically the Snippets feature. The vulnerability allows arbitrary file read via include-file syntax and directory-tr traversal beyond a configured base path, e.g. paths like /etc/passwd or /proc/self/environ can be exp...
CVE-2025-68142
CVE-2025-68142 involves PyMdown Extensions (Python-Markdown) where the figure caption extension (pymdownx.blocks.caption) exposes a ReDO S vulnerability in versions before 10.16.1. The flaw can cause long processing delays when handling unchecked user content, potentially leading to hangs; exploi...