4 known bugs in markdown-it-py, with affected versions, fixes and workarounds. Sourced from upstream issue trackers.
| Severity | Affected | Fixed in | Title | Status | Source |
|---|---|---|---|---|---|
| high | any | 2.2.0 | markdown-it-py Denial of Service vulnerability Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input. | fixed | osv:GHSA-vrjv-mxr7-vjf8 |
| high |
Get this data programmatically \u2014 free, no authentication.
curl https://depscope.dev/api/bugs/pypi/markdown-it-py| 2.2.0 |
markdown-it-py Denial of Service vulnerability in the command line interface Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input. |
| fixed |
| osv:GHSA-jrwr-5x3p-hvc3 |
| medium | any | ae03c6107dfa18e648f6fdd1280f5b89092d5d49 | PYSEC-2023-24: advisory Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input. | fixed | osv:PYSEC-2023-24 |
| medium | any | 53ca3e9c2b9e9b295f6abf7f4ad2730a9b70f68c | PYSEC-2023-23: advisory Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input. | fixed | osv:PYSEC-2023-23 |