Medium severity5.3NVD Advisory· Published Jun 7, 2017· Updated May 13, 2026
CVE-2015-3295
CVE-2015-3295
Description
markdown-it before 4.1.0 does not block data: URLs.
Affected products
1- cpe:2.3:a:markdown-it_project:markdown-it:4.0.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- github.com/markdown-it/markdown-it/commit/f76d3beb46abd121892a2e2e5c78376354c214e3nvdIssue TrackingPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2015/04/10/10nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/71824nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.