markdown2 1.3.1 vulnerabilities

Known vulnerabilities in the markdown2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the _do_link_patterns method within the Markdown class in `lib/markdown2.py` file, which insufficiently sanitizes image URLs. An attacker can exploit this by crafting specially formatted markdown input containing malicious image URLs. How to fix Cross-site Scripting (XSS)? Upgrade `markdown2` to version 2.5.1 or higher.	[,2.5.1)
M Cross-site Scripting (XSS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) within the Markdown class in lib/markdown2.py, which insufficiently sanitizes attribute values. An attacker can exploit this by crafting specially formatted markdown input containing HTML tags with malicious attributes. How to fix Cross-site Scripting (XSS)? Upgrade `markdown2` to version 2.5.1 or higher.	[,2.5.1)
M Cross-site Scripting (XSS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization for nested incomplete tags. How to fix Cross-site Scripting (XSS)? Upgrade `markdown2` to version 2.4.4 or higher.	[,2.4.4)
M Regular Expression Denial of Service (ReDoS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regex `\\(?=\S)(.+?[_])(?<=\S)\\`. Exploiting this vulnerability will result in catastrophic backtracking How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `markdown2` to version 2.4.11 or higher.	[,2.4.11)
M Cross-site Scripting (XSS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) which bypass on any `HTML` element by using a new line that does not match to `.+`. How to fix Cross-site Scripting (XSS)? Upgrade `markdown2` to version 2.4.4 or higher.	[0,2.4.4)
M Regular Expression Denial of Service (ReDoS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper usage of regex via the `_prepare_pyshell_blocks` function. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `markdown2` to version 2.4.3 or higher.	[,2.4.3)
M Regular Expression Denial of Service (ReDoS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via auto linking url. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `markdown2` to version 2.4.2 or higher.	[,2.4.2)
H Regular Expression Denial of Service (ReDoS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the `_do_headers` function. PoC: `import markdown2 markdown2.markdown(' '*100000+'$')` How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `markdown2` to version 2.4.1 or higher.	[,2.4.1)
H Regular Expression Denial of Service (ReDoS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). If an attacker provides a malicious string, it is possible to make `markdown2` get stuck processing for an exponential time. PoC markdown2.markdown('[#a' + ' ' * 3456, extras=['numbering']) markdown2.markdown('```' + '\n' * 3456, extras=['fenced-code-blocks']) markdown2.markdown('--' + ' ' 3456, use_file_vars=True) How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `markdown2` to version 2.4.0 or higher.	[1.0.1.18,2.4.0)
H Cross Site Scripting (XSS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Cross Site Scripting (XSS) via `link_text` in `markdown2.py` How to fix Cross Site Scripting (XSS)? Upgrade `markdown2` to version 2.3.9 or higher.	[,2.3.9)
H Cross-site Scripting (XSS) markdown2 is a fast and complete Python implementation of Markdown. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Element names are mishandled unless a `\w+` match succeeds. For example, an attack might use `elementname@` or `elementname-` with an `onclick` attribute. How to fix Cross-site Scripting (XSS)? Upgrade `markdown2` to version 2.3.9 or higher.	[0,2.3.9)
M Cross-site Scripting (XSS) `markdown2` is A fast and complete Python implementation of Markdown. Affected versions of the package are vulnerable to Cross-site Scripting (XSS) attacks via the `safe_mode` feature, which is supposed to sanitize user input against XSS. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '>' character from an IMG tag. PoC by Vineet Kumar >>> from markdown2 import markdown as mark >>> mark('<img src="" onerror=alert(/XSS/)>', safe_mode=True) u'<p>[HTML_REMOVED]</p>\n' >>> mark('<img src="" onerror=alert(/XSS/) ', safe_mode=True) # Please notice the space at end of string. u'<p><img src="" onerror=alert(/XSS/) </p>\n' >>> mark('<img src="" onerror=alert(/XSS/)>', safe_mode="escape") u'<p><img src="" onerror=alert(/XSS/)></p>\n' >>> mark('<img src="" onerror=alert(/XSS/) ', safe_mode="escape") u'<p><img src="" onerror=alert(/XSS/) </p>\n' How to fix Cross-site Scripting (XSS)? Upgrade `markdown2` to version 2.3.7 or higher.	[,2.3.7)

Vulnerability

Vulnerable Version

Cross-site Scripting (XSS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the _do_link_patterns method within the Markdown class in lib/markdown2.py file, which insufficiently sanitizes image URLs. An attacker can exploit this by crafting specially formatted markdown input containing malicious image URLs.

How to fix Cross-site Scripting (XSS)?

Upgrade markdown2 to version 2.5.1 or higher.

[,2.5.1)

Cross-site Scripting (XSS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) within the Markdown class in lib/markdown2.py, which insufficiently sanitizes attribute values. An attacker can exploit this by crafting specially formatted markdown input containing HTML tags with malicious attributes.

How to fix Cross-site Scripting (XSS)?

Upgrade markdown2 to version 2.5.1 or higher.

[,2.5.1)

Cross-site Scripting (XSS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization for nested incomplete tags.

How to fix Cross-site Scripting (XSS)?

Upgrade markdown2 to version 2.4.4 or higher.

[,2.4.4)

Regular Expression Denial of Service (ReDoS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regex \*\*(?=\S)(.+?[*_]*)(?<=\S)\*\*. Exploiting this vulnerability will result in catastrophic backtracking

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade markdown2 to version 2.4.11 or higher.

[,2.4.11)

Cross-site Scripting (XSS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) which bypass on any HTML element by using a new line that does not match to .+.

How to fix Cross-site Scripting (XSS)?

Upgrade markdown2 to version 2.4.4 or higher.

[0,2.4.4)

Regular Expression Denial of Service (ReDoS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper usage of regex via the _prepare_pyshell_blocks function.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade markdown2 to version 2.4.3 or higher.

[,2.4.3)

Regular Expression Denial of Service (ReDoS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via auto linking url.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade markdown2 to version 2.4.2 or higher.

[,2.4.2)

Regular Expression Denial of Service (ReDoS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the _do_headers function.

PoC:

import markdown2

markdown2.markdown(' '*100000+'$')

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade markdown2 to version 2.4.1 or higher.

[,2.4.1)

Regular Expression Denial of Service (ReDoS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). If an attacker provides a malicious string, it is possible to make markdown2 get stuck processing for an exponential time.

PoC

markdown2.markdown('[#a' + ' ' * 3456, extras=['numbering'])

markdown2.markdown('```' + '\n' * 3456, extras=['fenced-code-blocks'])

markdown2.markdown('-*-' + ' ' * 3456, use_file_vars=True)

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade markdown2 to version 2.4.0 or higher.

[1.0.1.18,2.4.0)

Cross Site Scripting (XSS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Cross Site Scripting (XSS) via link_text in markdown2.py

How to fix Cross Site Scripting (XSS)?

Upgrade markdown2 to version 2.3.9 or higher.

[,2.3.9)

Cross-site Scripting (XSS)

markdown2 is a fast and complete Python implementation of Markdown.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute.

How to fix Cross-site Scripting (XSS)?

Upgrade markdown2 to version 2.3.9 or higher.

[0,2.3.9)

Cross-site Scripting (XSS)

markdown2 is A fast and complete Python implementation of Markdown.

Affected versions of the package are vulnerable to Cross-site Scripting (XSS) attacks via the safe_mode feature, which is supposed to sanitize user input against XSS. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '>' character from an IMG tag.

PoC by Vineet Kumar

>>> from markdown2 import markdown as mark
>>> mark('<img src="" onerror=alert(/XSS/)>', safe_mode=True)
u'<p>[HTML_REMOVED]</p>\n'
>>> mark('<img src="" onerror=alert(/XSS/) ', safe_mode=True) # Please notice the space at end of string.
u'<p><img src="" onerror=alert(/XSS/) </p>\n'
>>> mark('<img src="" onerror=alert(/XSS/)>', safe_mode="escape")
u'<p>&lt;img src="" onerror=alert(/XSS/)&gt;</p>\n'
>>> mark('<img src="" onerror=alert(/XSS/) ', safe_mode="escape")
u'<p><img src="" onerror=alert(/XSS/) </p>\n'

How to fix Cross-site Scripting (XSS)?

Upgrade markdown2 to version 2.3.7 or higher.

[,2.3.7)

markdown2@1.3.1 vulnerabilities

A fast and complete Python implementation of Markdown

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

How to fix?

PoC:

PoC

PoC by Vineet Kumar