Source: mistune
Version: 3.1.4-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerabilities were published for mistune.

CVE-2026-49851[0]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to
| superlinear (approximately O(n²)) behavior in parse_link_text. When
| parsing Markdown containing many consecutive [ characters,
| parse_link_text repeatedly scans the input using a regex search
| inside a loop. Each iteration re-scans a large portion of the
| remaining string, resulting in quadratic-time behavior. An attacker-
| controlled Markdown input can therefore trigger excessive CPU usage
| with a very small payload. This vulnerability is fixed in 3.3.0.


CVE-2026-59922[1]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, a run of closed tilde, equals-sign, or caret marker
| pairs around a character causes quadratic work in
| src/mistune/plugins/formatting.py when the strikethrough, mark, or
| insert plugin scans for matching markers from each possible start
| position, allowing denial of service through CPU exhaustion. This
| issue is fixed in version 3.3.0.


CVE-2026-59923[2]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, HTMLRenderer.safe_url() does not block percent-
| encoded javascript URIs, allowing attacker-supplied Markdown links
| or images to bypass URL protections and execute script in rendered
| HTML. This issue is fixed in version 3.3.0.


CVE-2026-59924[3]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, Include.parse() joins and normalizes user-supplied
| include paths without verifying that the result remains within the
| intended markdown directory, allowing crafted include paths to
| access files outside that directory when markdown files are
| processed using md.read(). This issue is fixed in version 3.3.0.


CVE-2026-59925[4]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, long sequences of well-formed double-asterisk or
| triple-asterisk emphasis pairs around a character cause quadratic
| work in src/mistune/inline_parser.py because the parser scans
| forward for matching close markers from every potential opening run,
| allowing denial of service in default Mistune parsing. This issue is
| fixed in version 3.3.0.


CVE-2026-59926[5]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.2.1, render_admonition() in
| src/mistune/directives/admonition.py concatenates the Admonition
| directive :class: option into the HTML class attribute without
| escaping, allowing attribute injection and cross-site scripting even
| when HTMLRenderer escape mode is enabled. This issue is fixed in
| version 3.2.1.


CVE-2026-59927[6]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, the Include directive in
| src/mistune/directives/include.py detects only direct self-includes
| and not indirect cycles, allowing two markdown files that include
| each other to trigger unbounded recursion, raise RecursionError, and
| crash the rendering request. This issue is fixed in version 3.3.0.


CVE-2026-59928[7]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, a Markdown document containing many repeated or
| distinct reference-link definitions causes quadratic work in
| src/mistune/block_parser.py and the ref_links environment dictionary
| handling, allowing denial of service through CPU exhaustion. This
| issue is fixed in version 3.3.0.


CVE-2026-59929[8]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, the safe_url filter in src/mistune/renderers/html.py
| blocks only javascript:, vbscript:, file:, and data: schemes,
| allowing legacy or chained schemes such as feed:, view-source:,
| jar:, livescript:, mocha:, ms-its:, mk:, and res: to reach rendered
| href and src attributes and potentially execute script in affected
| user agents. This issue is fixed in version 3.3.0.


CVE-2026-59930[9]:
| Mistune is a Python Markdown parser with renderers and plugins.
| Prior to 3.3.0, the toc plugin and TableOfContents directive
| generate heading IDs as predictable toc_N values without slugifying
| the heading text, allowing attacker-controlled id="toc_N" content to
| collide with generated anchors and redirect same-page navigation,
| CSS selectors, or JavaScript handlers. This issue is fixed in
| version 3.3.0.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2026-49851
    https://www.cve.org/CVERecord?id=CVE-2026-49851
[1] https://security-tracker.debian.org/tracker/CVE-2026-59922
    https://www.cve.org/CVERecord?id=CVE-2026-59922
[2] https://security-tracker.debian.org/tracker/CVE-2026-59923
    https://www.cve.org/CVERecord?id=CVE-2026-59923
[3] https://security-tracker.debian.org/tracker/CVE-2026-59924
    https://www.cve.org/CVERecord?id=CVE-2026-59924
[4] https://security-tracker.debian.org/tracker/CVE-2026-59925
    https://www.cve.org/CVERecord?id=CVE-2026-59925
[5] https://security-tracker.debian.org/tracker/CVE-2026-59926
    https://www.cve.org/CVERecord?id=CVE-2026-59926
[6] https://security-tracker.debian.org/tracker/CVE-2026-59927
    https://www.cve.org/CVERecord?id=CVE-2026-59927
[7] https://security-tracker.debian.org/tracker/CVE-2026-59928
    https://www.cve.org/CVERecord?id=CVE-2026-59928
[8] https://security-tracker.debian.org/tracker/CVE-2026-59929
    https://www.cve.org/CVERecord?id=CVE-2026-59929
[9] https://security-tracker.debian.org/tracker/CVE-2026-59930
    https://www.cve.org/CVERecord?id=CVE-2026-59930

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply via email to