Python-markdown2 Project Python-markdown2 — known CVE vulnerabilities
Every CVE whose affected-product data names Python-markdown2 Project Python-markdown2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2018-5773 — CVSS 6.1 (medium): An issue was discovered in markdown2 (aka python-markdown2) through 2.3.5. The safe_mode feature, which is supposed to sanitize user input…
CVE-2020-11888 — CVSS 6.1 (medium): python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might…