Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/mistune@0.8
purl pkg:pypi/mistune@0.8
Next non-vulnerable version 0.8.1
Latest non-vulnerable version 2.0.3
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-3p1d-tfde-6khg
Aliases:
CVE-2017-16876
GHSA-98gj-wwxm-cj3h
PYSEC-2017-18
Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument.
0.8.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-84bg-nq2n-n3ey mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions. CVE-2017-15612
GHSA-hpv5-v8g5-c864
PYSEC-2017-80

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-01T14:56:29.143760+00:00 GHSA Importer Fixing VCID-84bg-nq2n-n3ey https://github.com/advisories/GHSA-hpv5-v8g5-c864 38.6.0
2026-05-01T14:16:19.628031+00:00 GHSA Importer Affected by VCID-3p1d-tfde-6khg https://github.com/advisories/GHSA-98gj-wwxm-cj3h 38.6.0
2026-04-29T19:27:38.984534+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.5.0
2026-04-16T20:50:59.430776+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.4.0
2026-04-16T02:17:43.924553+00:00 GHSA Importer Fixing VCID-84bg-nq2n-n3ey https://github.com/advisories/GHSA-hpv5-v8g5-c864 38.4.0
2026-04-16T01:26:25.066410+00:00 GHSA Importer Affected by VCID-3p1d-tfde-6khg https://github.com/advisories/GHSA-98gj-wwxm-cj3h 38.4.0
2026-04-11T22:01:41.891982+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.3.0
2026-04-11T13:42:31.750255+00:00 GHSA Importer Fixing VCID-84bg-nq2n-n3ey https://github.com/advisories/GHSA-hpv5-v8g5-c864 38.3.0
2026-04-11T12:55:44.030436+00:00 GHSA Importer Affected by VCID-3p1d-tfde-6khg https://github.com/advisories/GHSA-98gj-wwxm-cj3h 38.3.0
2026-04-02T22:14:43.001744+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.1.0
2026-04-02T14:31:09.852270+00:00 GHSA Importer Fixing VCID-84bg-nq2n-n3ey https://github.com/advisories/GHSA-hpv5-v8g5-c864 38.1.0
2026-04-02T13:48:14.147288+00:00 GHSA Importer Affected by VCID-3p1d-tfde-6khg https://github.com/advisories/GHSA-98gj-wwxm-cj3h 38.1.0
2026-04-01T16:32:14.771165+00:00 GitLab Importer Affected by VCID-3p1d-tfde-6khg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-16876.yml 38.0.0
2026-04-01T15:00:07.845301+00:00 PyPI Importer Affected by VCID-3p1d-tfde-6khg https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T15:00:02.548690+00:00 PyPI Importer Fixing VCID-84bg-nq2n-n3ey https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T13:10:33.118825+00:00 GithubOSV Importer Fixing VCID-84bg-nq2n-n3ey https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-hpv5-v8g5-c864/GHSA-hpv5-v8g5-c864.json 38.0.0
2026-04-01T12:47:24.989819+00:00 GitLab Importer Fixing VCID-84bg-nq2n-n3ey https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mistune/CVE-2017-15612.yml 38.0.0
2026-04-01T12:41:38.952699+00:00 Pypa Importer Affected by VCID-3p1d-tfde-6khg https://github.com/pypa/advisory-database/blob/main/vulns/mistune/PYSEC-2017-18.yaml 38.0.0
2026-04-01T12:41:36.207390+00:00 Pypa Importer Fixing VCID-84bg-nq2n-n3ey https://github.com/pypa/advisory-database/blob/main/vulns/mistune/PYSEC-2017-80.yaml 38.0.0