Search CVE reports
301 – 310 of 42760 results
An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension changeset concat/changegroup merge path
2 affected packages
sqlite, sqlite3
| Package | 20.04 LTS |
|---|---|
| sqlite | Needs evaluation |
| sqlite3 | Needs evaluation |
A NULL pointer dereference in the SQLite Session Extension in SQLite 3.53.1 and SQLite trunk builds before check-in e807d4e3798efd53 allows an attacker who can supply a malformed changeset blob to cause a denial of service....
2 affected packages
sqlite, sqlite3
| Package | 20.04 LTS |
|---|---|
| sqlite | Needs evaluation |
| sqlite3 | Needs evaluation |
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text,...
1 affected package
mistune
| Package | 20.04 LTS |
|---|---|
| mistune | Needs evaluation |
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safe_url filter in src/mistune/renderers/html.py blocks only javascript:, vbscript:, file:, and data: schemes, allowing legacy or chained schemes...
1 affected package
mistune
| Package | 20.04 LTS |
|---|---|
| mistune | Needs evaluation |
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a Markdown document containing many repeated or distinct reference-link definitions causes quadratic work in src/mistune/block_parser.py and the...
1 affected package
mistune
| Package | 20.04 LTS |
|---|---|
| mistune | Needs evaluation |
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that...
1 affected package
mistune
| Package | 20.04 LTS |
|---|---|
| mistune | Needs evaluation |
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_admonition() in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without...
1 affected package
mistune
| Package | 20.04 LTS |
|---|---|
| mistune | Needs evaluation |
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, long sequences of well-formed double-asterisk or triple-asterisk emphasis pairs around a character cause quadratic work...
1 affected package
mistune
| Package | 20.04 LTS |
|---|---|
| mistune | Needs evaluation |
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Include.parse() joins and normalizes user-supplied include paths without verifying that the result remains within the intended markdown directory,...
1 affected package
mistune
| Package | 20.04 LTS |
|---|---|
| mistune | Needs evaluation |
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, HTMLRenderer.safe_url() does not block percent-encoded javascript URIs, allowing attacker-supplied Markdown links or images to bypass URL protections...
1 affected package
mistune
| Package | 20.04 LTS |
|---|---|
| mistune | Needs evaluation |