Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Dismissed
Filter by:
With package: python312Packages.markdown-it-py

Found 2 matching suggestions

View:
Compact
Detailed
Permalink CVE-2023-26302
3.3 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
updated 1 year ago by @LeSuisse Activity log
  • Created automatic suggestion 1 year, 1 month ago
  • @LeSuisse dismissed 1 year ago
markdown-it-py CLI crash on invalid UTF-8 characters

Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input.

Affected products

markdown-it-py
  • <v2.2.0

Matching in nixpkgs

Package maintainers

Permalink CVE-2023-26303
3.3 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
updated 1 year ago by @LeSuisse Activity log
  • Created automatic suggestion 1 year, 1 month ago
  • @LeSuisse dismissed 1 year ago
markdown-it-py crash on null assertions

Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input.

Affected products

markdown-it-py
  • <v2.2.0

Matching in nixpkgs

Package maintainers