CVE-2021-26813 - log

CVE-2021-26813 edited at 07 Mar 2021 12:01:53
References
https://github.com/trentm/python-markdown2/pull/387
- https://github.com/trentm/python-markdown2/pull/387/commits/96dff22341489459c8cb832fdfd066a588ec23bf
+ https://github.com/trentm/python-markdown2/commit/96dff22341489459c8cb832fdfd066a588ec23bf
- https://github.com/trentm/python-markdown2/pull/387/commits/e1954d3a345fc7a4ccc113bd58f7df81ad63b6ec
+ https://github.com/trentm/python-markdown2/commit/e1954d3a345fc7a4ccc113bd58f7df81ad63b6ec
- https://github.com/trentm/python-markdown2/pull/387/commits/c4b4ccb3f9da33f29b013d6d765fd223a8277cfe
+ https://github.com/trentm/python-markdown2/commit/c4b4ccb3f9da33f29b013d6d765fd223a8277cfe
CVE-2021-26813 edited at 03 Mar 2021 17:03:04
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ python-markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.
References
+ https://github.com/trentm/python-markdown2/pull/387
+ https://github.com/trentm/python-markdown2/pull/387/commits/96dff22341489459c8cb832fdfd066a588ec23bf
+ https://github.com/trentm/python-markdown2/pull/387/commits/e1954d3a345fc7a4ccc113bd58f7df81ad63b6ec
+ https://github.com/trentm/python-markdown2/pull/387/commits/c4b4ccb3f9da33f29b013d6d765fd223a8277cfe
Notes
CVE-2021-26813 created at 03 Mar 2021 17:00:55