Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Python-Markdown 安全漏洞
Vulnerability Description
Python-Markdown是Python-Markdown开源的一个Python实现的Markdown解析器。 Python-Markdown 3.8版本存在安全漏洞,该漏洞源于畸形HTML类序列可导致未处理的断言错误,可能引发远程拒绝服务和信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A