VulnerableCode Package Details - pkg:deb/debian/mistune@0.7.3-1~bpo8%2B1

Search for packages

Vulnerability	Summary	Fixed by
VCID-3p1d-tfde-6khg Aliases: CVE-2017-16876 GHSA-98gj-wwxm-cj3h PYSEC-2017-18	Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument.	0.8.4-1 Affected by 0 other vulnerabilities.
VCID-84bg-nq2n-n3ey Aliases: CVE-2017-15612 GHSA-hpv5-v8g5-c864 PYSEC-2017-80	mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions.	0.8.4-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-3p1d-tfde-6khg
Aliases:
CVE-2017-16876
GHSA-98gj-wwxm-cj3h
PYSEC-2017-18

Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument.

0.8.4-1
Affected by 0 other vulnerabilities.

VCID-84bg-nq2n-n3ey
Aliases:
CVE-2017-15612
GHSA-hpv5-v8g5-c864
PYSEC-2017-80

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions.

0.8.4-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:05:24.630947+00:00	Debian Oval Importer	Affected by	VCID-84bg-nq2n-n3ey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:10:27.457426+00:00	Debian Oval Importer	Affected by	VCID-3p1d-tfde-6khg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T23:39:27.408090+00:00	Debian Oval Importer	Affected by	VCID-84bg-nq2n-n3ey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:48:15.962010+00:00	Debian Oval Importer	Affected by	VCID-3p1d-tfde-6khg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:11:58.851863+00:00	Debian Oval Importer	Affected by	VCID-84bg-nq2n-n3ey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:25:55.151501+00:00	Debian Oval Importer	Affected by	VCID-3p1d-tfde-6khg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0