Vulnerabilities > Mistune Project > Mistune > 0.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-25 | CVE-2022-34749 | In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. | 7.5 |
2017-12-29 | CVE-2017-16876 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument. | 6.1 |