simple-markdown (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package simple-markdown, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2019-9844 — CVSS 6.1 (medium): simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI.
CVE-2019-25102 — CVSS 4.3 (medium): A vulnerability, which was classified as problematic, was found in simple-markdown 0.6.0. Affected is an unknown function of the file…
CVE-2019-25103 — CVSS 4.3 (medium): A vulnerability has been found in simple-markdown 0.5.1 and classified as problematic. Affected by this vulnerability is an unknown…