Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-26813

Опубликовано: 03 мар. 2021
Источник: debian
EPSS Низкий

Описание

markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python-markdown2fixed2.3.10-1.1package
python-markdown2no-dsabusterpackage

Примечания

  • https://github.com/trentm/python-markdown2/pull/387

  • https://github.com/trentm/python-markdown2/commit/96dff22341489459c8cb832fdfd066a588ec23bf

  • https://github.com/trentm/python-markdown2/commit/e1954d3a345fc7a4ccc113bd58f7df81ad63b6ec

  • https://github.com/trentm/python-markdown2/commit/c4b4ccb3f9da33f29b013d6d765fd223a8277cfe

EPSS

Процентиль: 70%
0.00624
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-26813

CVSS3: 7.5
ubuntu
почти 5 лет назад

markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.

nvd логотип

CVE-2021-26813

CVSS3: 7.5
nvd
почти 5 лет назад

markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.

suse-cvrf логотип

openSUSE-SU-2021:0429-1

suse-cvrf
почти 5 лет назад

Security update for python-markdown2

github логотип

GHSA-jr9p-r423-9m2r

CVSS3: 7.5
github
больше 4 лет назад

markdown2 Regular Expression Denial of Service

EPSS

Процентиль: 70%
0.00624
Низкий