Search for packages
| purl | pkg:pypi/markdown@3.3.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-gar7-7upf-d7cz
Aliases: CVE-2025-69534 GHSA-5wmx-573v-2qwq |
Python-Markdown has an Uncaught Exception Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-17T00:31:00.249647+00:00 | GitLab Importer | Affected by | VCID-gar7-7upf-d7cz | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Markdown/CVE-2025-69534.yml | 38.4.0 |
| 2026-04-12T01:55:44.508490+00:00 | GitLab Importer | Affected by | VCID-gar7-7upf-d7cz | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Markdown/CVE-2025-69534.yml | 38.3.0 |
| 2026-04-08T03:24:50.350358+00:00 | GitLab Importer | Affected by | VCID-gar7-7upf-d7cz | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Markdown/CVE-2025-69534.yml | 38.1.0 |