VYPR

Go modules package

github.com/yuin/goldmark/renderer/html

pkg:golang/github.com/yuin/goldmark/renderer/html

Vulnerabilities (1)

  • CVE-2026-5160MedApr 15, 2026
    affected < 1.7.17fixed 1.7.17

    Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer validates link destinations using a prefix-based check (IsDangerousURL) before reso