python-markdown-3.3.4-4.el9_8.2
エラータID: AXSA:2026-1228:01
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-69534
Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.
Update packages.
Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.
N/A
SRPMS
- python-markdown-3.3.4-4.el9_8.2.src.rpm
MD5: 7f202e49b5c86583cb8d0a2d32ee8179
SHA-256: fc222775c7e884cdb3fa8aa58cf7c24c60b373c145e465b63dc418498615c6ef
Size: 313.15 kB
Asianux Server 9 for x86_64
- python3-markdown-3.3.4-4.el9_8.2.noarch.rpm
MD5: 9108479c0ab30ddaf675747dcec2f4aa
SHA-256: d5d095a0bc484049074953ca7c9217a991afdfc4af0cea222e9e538b7b01477b
Size: 170.69 kB