npm package
@digitalocean/do-markdownit
pkg:npm/%40digitalocean/do-markdownit
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-59717 | — | <= 1.16.1 | — | Sep 19, 2025 | In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array). |
- CVE-2025-59717Sep 19, 2025affected <= 1.16.1
In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array).