Medium severity5.3NVD Advisory· Published Jun 7, 2017· Updated Jun 17, 2026
CVE-2015-3295
CVE-2015-3295
Description
markdown-it before 4.1.0 does not block data: URLs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:markdown-it_project:markdown-it:4.0.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:markdown-it_project:markdown-it:4.0.3:*:*:*:*:*:*:*
- (no CPE)range: <4.1.0
Patches
Vulnerability mechanics
References
3- github.com/markdown-it/markdown-it/commit/f76d3beb46abd121892a2e2e5c78376354c214e3nvdIssue TrackingPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2015/04/10/10nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/71824nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.