markdown-it-py

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting markdown-it-pypage 1 of 1

CVE-2023-26302LOWCVSS 3.3EG 3.3✓ Fixed in 2.2.0
2023-02-22
vulnerable: 0.1.0 ... 2.1.0 (40 versions)
Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input.
CVE-2023-26303LOWCVSS 3.3EG 3.3✓ Fixed in 2.2.0
2023-02-23
vulnerable: 0.1.0 ... 2.1.0 (40 versions)
Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input.

Check whether markdown-it-py is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for markdown-it-py CVEs against the assets you own.

Start Free Scan →