Lucene search
GoogleOSV:PYSEC-2021-20HistoryMar 03, 2021 - 4:15 p.m.
PYSEC-2021-20
2021-03-0316:15:00
Google
osv.dev
12
markdown2
denial of service
vulnerability
regex
EPSS
0.003
Percentile
69.8%
markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.
References
github.com/advisories/GHSA-jr9p-r423-9m2r
github.com/trentm/python-markdown2/pull/387
lists.fedoraproject.org/archives/list/[email protected]/message/BRP5RN35JZTSJ3JT4722F447ZDK7LZS5/
lists.fedoraproject.org/archives/list/[email protected]/message/J752422YELXLMLZJPVJVKD2KKHHQRVEH/
lists.fedoraproject.org/archives/list/[email protected]/message/JTIX5UXRDJZJ57DO4V33ZNJTNKWGBQLY/
Related
openvas
openvas
Fedora: Security Advisory for python-markdown2 (FEDORA-2021-0337384e41)
2021-05-13 00:00:00
Fedora: Security Advisory for python-markdown2 (FEDORA-2021-e235a0da4a)
2021-05-13 00:00:00
openSUSE: Security Advisory for python-markdown2 (openSUSE-SU-2021:0429-1)
2021-04-16 00:00:00
ubuntucve
ubuntucve
CVE-2021-26813
2021-03-03 00:00:00
debiancve
debiancve
CVE-2021-26813
2021-03-03 16:15:13
suse
suse
Security update for python-markdown2 (moderate)
2021-03-20 00:00:00
Security update for python-markdown2 (moderate)
2021-03-16 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: python-markdown2-2.4.0-1.fc34
2021-05-10 01:07:00
[SECURITY] Fedora 33 Update: python-markdown2-2.4.0-1.fc33
2021-05-10 01:08:51
[SECURITY] Fedora 32 Update: python-markdown2-2.4.0-1.fc32
2021-05-10 00:52:56
cvelist
cvelist
CVE-2021-26813
2021-03-03 15:17:41
nessus
nessus
nvd
nvd
CVE-2021-26813
2021-03-03 16:15:13
github
github
markdown2 Regular Expression Denial of Service
2021-06-02 21:44:28
osv
osv
markdown2 Regular Expression Denial of Service
2021-06-02 21:44:28
CVE-2021-26813
2021-03-03 16:15:13
python36-markdown2-2.4.0-2.4 on GA media
2024-06-15 00:00:00
prion
prion
Design/Logic Flaw
2021-03-03 16:15:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-03-04 04:44:25
freebsd
freebsd
py-markdown2 -- regular expression denial of service vulnerability
2021-03-03 00:00:00
cve
cve
CVE-2021-26813
2021-03-03 16:15:13
kitploit
kitploit