node-markdown-to-jsx - Debian Package Tracker

A new upstream version is available: 7.5.0 high

A new upstream version 7.5.0 is available, you should consider packaging it.

Created: 2023-06-03 Last update: 2024-11-05 03:01

1 security issue in trixie high

1 important issue:

CVE-2024-21535: Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.

Created: 2024-10-18 Last update: 2024-10-18 18:28

1 security issue in sid high

1 important issue:

CVE-2024-21535: Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.

Created: 2024-10-18 Last update: 2024-10-18 18:28

lintian reports 2 warnings normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2023-05-10 Last update: 2023-05-10 04:33

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.0 instead of 4.6.2).

Created: 2024-04-07 Last update: 2024-04-07 13:14