Go modules package
github.com/gomarkdown/markdown
pkg:golang/github.com/gomarkdown/markdown
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-40890 | Hig | 7.5 | < 0.0.0-20260411013819-759bbc3e3207 | 0.0.0-20260411013819-759bbc3e3207 | Apr 21, 2026 | The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Processing a malformed input containing a < character that is not followed by a > character anywhere in the remaining text with a SmartypantsRenderer will lead to Out of | |
| CVE-2024-44337 | Med | 5.1 | < 0.0.0-20240729212818-a2a9c4f76ef5 | 0.0.0-20240729212818-a2a9c4f76ef5 | Oct 15, 2024 | The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the parag | |
| CVE-2023-42821 | — | < 0.0.0-20230922105210-14b16010c2ee | 0.0.0-20230922105210-14b16010c2ee | Sep 22, 2023 | The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `0.0.0-20230922105210-14b16010c2ee`, which corresponds with commit `14b16010c2ee7ff33a940a541d993bd043a88940`, parsing malformed markdown input wit |
- affected < 0.0.0-20260411013819-759bbc3e3207fixed 0.0.0-20260411013819-759bbc3e3207
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Processing a malformed input containing a < character that is not followed by a > character anywhere in the remaining text with a SmartypantsRenderer will lead to Out of
- affected < 0.0.0-20240729212818-a2a9c4f76ef5fixed 0.0.0-20240729212818-a2a9c4f76ef5
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the parag
- CVE-2023-42821Sep 22, 2023affected < 0.0.0-20230922105210-14b16010c2eefixed 0.0.0-20230922105210-14b16010c2ee
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `0.0.0-20230922105210-14b16010c2ee`, which corresponds with commit `14b16010c2ee7ff33a940a541d993bd043a88940`, parsing malformed markdown input wit