Source: mistune Version: 3.1.4-1 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerabilities were published for mistune. CVE-2026-49851[0]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to | superlinear (approximately O(n²)) behavior in parse_link_text. When | parsing Markdown containing many consecutive [ characters, | parse_link_text repeatedly scans the input using a regex search | inside a loop. Each iteration re-scans a large portion of the | remaining string, resulting in quadratic-time behavior. An attacker- | controlled Markdown input can therefore trigger excessive CPU usage | with a very small payload. This vulnerability is fixed in 3.3.0. CVE-2026-59922[1]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, a run of closed tilde, equals-sign, or caret marker | pairs around a character causes quadratic work in | src/mistune/plugins/formatting.py when the strikethrough, mark, or | insert plugin scans for matching markers from each possible start | position, allowing denial of service through CPU exhaustion. This | issue is fixed in version 3.3.0. CVE-2026-59923[2]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, HTMLRenderer.safe_url() does not block percent- | encoded javascript URIs, allowing attacker-supplied Markdown links | or images to bypass URL protections and execute script in rendered | HTML. This issue is fixed in version 3.3.0. CVE-2026-59924[3]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, Include.parse() joins and normalizes user-supplied | include paths without verifying that the result remains within the | intended markdown directory, allowing crafted include paths to | access files outside that directory when markdown files are | processed using md.read(). This issue is fixed in version 3.3.0. CVE-2026-59925[4]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, long sequences of well-formed double-asterisk or | triple-asterisk emphasis pairs around a character cause quadratic | work in src/mistune/inline_parser.py because the parser scans | forward for matching close markers from every potential opening run, | allowing denial of service in default Mistune parsing. This issue is | fixed in version 3.3.0. CVE-2026-59926[5]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.2.1, render_admonition() in | src/mistune/directives/admonition.py concatenates the Admonition | directive :class: option into the HTML class attribute without | escaping, allowing attribute injection and cross-site scripting even | when HTMLRenderer escape mode is enabled. This issue is fixed in | version 3.2.1. CVE-2026-59927[6]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, the Include directive in | src/mistune/directives/include.py detects only direct self-includes | and not indirect cycles, allowing two markdown files that include | each other to trigger unbounded recursion, raise RecursionError, and | crash the rendering request. This issue is fixed in version 3.3.0. CVE-2026-59928[7]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, a Markdown document containing many repeated or | distinct reference-link definitions causes quadratic work in | src/mistune/block_parser.py and the ref_links environment dictionary | handling, allowing denial of service through CPU exhaustion. This | issue is fixed in version 3.3.0. CVE-2026-59929[8]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, the safe_url filter in src/mistune/renderers/html.py | blocks only javascript:, vbscript:, file:, and data: schemes, | allowing legacy or chained schemes such as feed:, view-source:, | jar:, livescript:, mocha:, ms-its:, mk:, and res: to reach rendered | href and src attributes and potentially execute script in affected | user agents. This issue is fixed in version 3.3.0. CVE-2026-59930[9]: | Mistune is a Python Markdown parser with renderers and plugins. | Prior to 3.3.0, the toc plugin and TableOfContents directive | generate heading IDs as predictable toc_N values without slugifying | the heading text, allowing attacker-controlled id="toc_N" content to | collide with generated anchors and redirect same-page navigation, | CSS selectors, or JavaScript handlers. This issue is fixed in | version 3.3.0. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-49851 https://www.cve.org/CVERecord?id=CVE-2026-49851 [1] https://security-tracker.debian.org/tracker/CVE-2026-59922 https://www.cve.org/CVERecord?id=CVE-2026-59922 [2] https://security-tracker.debian.org/tracker/CVE-2026-59923 https://www.cve.org/CVERecord?id=CVE-2026-59923 [3] https://security-tracker.debian.org/tracker/CVE-2026-59924 https://www.cve.org/CVERecord?id=CVE-2026-59924 [4] https://security-tracker.debian.org/tracker/CVE-2026-59925 https://www.cve.org/CVERecord?id=CVE-2026-59925 [5] https://security-tracker.debian.org/tracker/CVE-2026-59926 https://www.cve.org/CVERecord?id=CVE-2026-59926 [6] https://security-tracker.debian.org/tracker/CVE-2026-59927 https://www.cve.org/CVERecord?id=CVE-2026-59927 [7] https://security-tracker.debian.org/tracker/CVE-2026-59928 https://www.cve.org/CVERecord?id=CVE-2026-59928 [8] https://security-tracker.debian.org/tracker/CVE-2026-59929 https://www.cve.org/CVERecord?id=CVE-2026-59929 [9] https://security-tracker.debian.org/tracker/CVE-2026-59930 https://www.cve.org/CVERecord?id=CVE-2026-59930 Please adjust the affected versions in the BTS as needed. Regards, Salvatore

