VYPR

npm package

@nuxtjs/mdc

pkg:npm/%40nuxtjs/mdc

Vulnerabilities (2)

  • CVE-2025-54075HigJul 18, 2025
    affected < 0.17.2fixed 0.17.2

    MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. Prior to version 0.17.2, a remote script-inclusion / stored cross-site scripting vulnerability in @nuxtjs/mdc lets a Markdown author inject a `` e

  • CVE-2025-24981CriFeb 6, 2025
    affected < 0.13.3fixed 0.13.3

    MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. In affected versions unsafe parsing logic of the URL from markdown can lead to arbitrary JavaScript code due to a bypass to the existing guards around the `javascript:` protocol sc