{"ecosystem":"pypi","package":"markdown-it-py","version":null,"bugs":[{"id":460,"ecosystem":"pypi","package_name":"markdown-it-py","affected_version":null,"fixed_version":"2.2.0","bug_id":"osv:GHSA-vrjv-mxr7-vjf8","title":"markdown-it-py Denial of Service vulnerability","description":"Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input.","severity":"high","status":"fixed","source":"osv","source_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-26303","labels":["CVE-2023-26303","PYSEC-2023-24"],"created_at":"2026-04-19T04:31:30.869609+00:00","updated_at":"2026-04-19T04:31:30.869609+00:00"},{"id":459,"ecosystem":"pypi","package_name":"markdown-it-py","affected_version":null,"fixed_version":"2.2.0","bug_id":"osv:GHSA-jrwr-5x3p-hvc3","title":"markdown-it-py Denial of Service vulnerability in the command line interface","description":"Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input.","severity":"high","status":"fixed","source":"osv","source_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-26302","labels":["CVE-2023-26302","PYSEC-2023-23"],"created_at":"2026-04-19T04:31:30.867817+00:00","updated_at":"2026-04-19T04:31:30.867817+00:00"},{"id":462,"ecosystem":"pypi","package_name":"markdown-it-py","affected_version":null,"fixed_version":"ae03c6107dfa18e648f6fdd1280f5b89092d5d49","bug_id":"osv:PYSEC-2023-24","title":"PYSEC-2023-24: advisory","description":"Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input.","severity":"medium","status":"fixed","source":"osv","source_url":"https://github.com/executablebooks/markdown-it-py/commit/ae03c6107dfa18e648f6fdd1280f5b89092d5d49","labels":["CVE-2023-26303","GHSA-vrjv-mxr7-vjf8"],"created_at":"2026-04-19T04:31:30.871386+00:00","updated_at":"2026-04-19T04:31:30.871386+00:00"},{"id":461,"ecosystem":"pypi","package_name":"markdown-it-py","affected_version":null,"fixed_version":"53ca3e9c2b9e9b295f6abf7f4ad2730a9b70f68c","bug_id":"osv:PYSEC-2023-23","title":"PYSEC-2023-23: advisory","description":"Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input.","severity":"medium","status":"fixed","source":"osv","source_url":"https://github.com/executablebooks/markdown-it-py/commit/53ca3e9c2b9e9b295f6abf7f4ad2730a9b70f68c","labels":["CVE-2023-26302","GHSA-jrwr-5x3p-hvc3"],"created_at":"2026-04-19T04:31:30.870764+00:00","updated_at":"2026-04-19T04:31:30.870764+00:00"}],"total":4,"_cache":"miss"}