Nixpkgs security tracker
NIXPKGS-2026-1733
GitHub issue
published on
Permalink
CVE-2026-44708
6.1 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Changed (C)
- Confidentiality (C): Low (L)
- Integrity (I): Low (L)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Changed (C)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): None (N)
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse accepted
- @LeSuisse published on GitHub
Mistune Math Plugin XSS Escape Bypass
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math ($...$) and block math ($$...$$) by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even when the parser is explicitly created with escape=True, which is supposed to guarantee that all user-controlled text is sanitised before reaching the DOM. This vulnerability is fixed in 3.2.1.
References
-
https://github.com/lepture/mistune/security/advisories/GHSA-8g87-j6q8-g93x x_refsource_CONFIRM
-
https://github.com/lepture/mistune/releases/tag/v3.2.1 x_refsource_MISC
Affected products
mistune
- ==< 3.2.1
Matching in nixpkgs
pkgs.python312Packages.mistune
Sane Markdown parser with useful plugins and renderers
pkgs.python313Packages.mistune
Sane Markdown parser with useful plugins and renderers
pkgs.python314Packages.mistune
Sane Markdown parser with useful plugins and renderers
Package maintainers
-
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>