Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/mistune@0.2.0
purl pkg:pypi/mistune@0.2.0
Next non-vulnerable version 0.8.1
Latest non-vulnerable version 2.0.3
Risk 3.1
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-3p1d-tfde-6khg
Aliases:
CVE-2017-16876
GHSA-98gj-wwxm-cj3h
PYSEC-2017-18
Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument.
0.8.1
Affected by 0 other vulnerabilities.
VCID-84bg-nq2n-n3ey
Aliases:
CVE-2017-15612
GHSA-hpv5-v8g5-c864
PYSEC-2017-80
mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions.
0.8
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-29T19:27:38.939849+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.5.0
2026-04-16T20:50:59.389310+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.4.0
2026-04-16T02:17:43.877644+00:00 GHSA Importer Affected by VCID-84bg-nq2n-n3ey https://github.com/advisories/GHSA-hpv5-v8g5-c864 38.4.0
2026-04-16T01:26:25.014691+00:00 GHSA Importer Affected by VCID-3p1d-tfde-6khg https://github.com/advisories/GHSA-98gj-wwxm-cj3h 38.4.0
2026-04-11T22:01:41.847354+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.3.0
2026-04-11T13:42:31.700220+00:00 GHSA Importer Affected by VCID-84bg-nq2n-n3ey https://github.com/advisories/GHSA-hpv5-v8g5-c864 38.3.0
2026-04-11T12:55:43.977283+00:00 GHSA Importer Affected by VCID-3p1d-tfde-6khg https://github.com/advisories/GHSA-98gj-wwxm-cj3h 38.3.0
2026-04-02T22:14:42.958462+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.1.0
2026-04-02T14:31:09.809987+00:00 GHSA Importer Affected by VCID-84bg-nq2n-n3ey https://github.com/advisories/GHSA-hpv5-v8g5-c864 38.1.0
2026-04-02T13:48:14.108028+00:00 GHSA Importer Affected by VCID-3p1d-tfde-6khg https://github.com/advisories/GHSA-98gj-wwxm-cj3h 38.1.0
2026-04-01T16:32:14.728695+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.0.0
2026-04-01T15:00:07.799252+00:00 PyPI Importer Affected by VCID-3p1d-tfde-6khg https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T15:00:02.503450+00:00 PyPI Importer Affected by VCID-84bg-nq2n-n3ey https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T12:41:38.931659+00:00 Pypa Importer Affected by VCID-3p1d-tfde-6khg https://github.com/pypa/advisory-database/blob/main/vulns/mistune/PYSEC-2017-18.yaml 38.0.0
2026-04-01T12:41:36.179211+00:00 Pypa Importer Affected by VCID-84bg-nq2n-n3ey https://github.com/pypa/advisory-database/blob/main/vulns/mistune/PYSEC-2017-80.yaml 38.0.0