ReDoS Vulnerability in PyMdown Extensions for Python-Markdown
Posted: Wed Dec 17, 2025 2:11 am
PyMdown Extensions provides a variety of enhancements for the Python-Markdown project. Versions prior to 10.16.1 contain a regular expression denial of service (ReDoS) vulnerability in the figure caption extension (pymdownx.blocks.caption). The issue can degrade performance, causing significant delays while processing malicious user input, so systems that handle untrusted content may experience severe disruptions. The vulnerability can be mitigated by updating to version 10.16.1 or by not using pymdownx.blocks.caption in environments that accept unprocessed user content. Additional safeguards should be in place to manage potentially excessive input.
https://securityvulnerability.io/vulner ... 2025-68142
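
A deployment-side guard for the mitigations described above, as an added example that is not part of the original post or of the PyMdown Extensions project. It drops pymdownx.blocks.caption for untrusted input when the release is older than 10.16.1 and enforces an input size cap; the helper names and the 64 KiB cap are assumptions.

```python
import re
from importlib import metadata

FIXED = (10, 16, 1)                  # first fixed release, per the advisory
CAPTION_EXT = "pymdownx.blocks.caption"
MAX_INPUT_BYTES = 64 * 1024          # assumed cap, not from the advisory

def is_patched(version_text):
    """True if the version string is 10.16.1 final or later."""
    m = re.match(r"\d+(?:\.\d+)*", version_text.strip())
    if not m:
        raise ValueError(f"unparseable version: {version_text!r}")
    parts = tuple(int(p) for p in m.group().split("."))
    parts += (0,) * (3 - len(parts))
    suffix = version_text.strip()[m.end():]
    # Be conservative: a pre-release of the fixed version is not trusted.
    if parts == FIXED and re.match(r"[-_.]?(a|b|rc|dev|pre)", suffix, re.I):
        return False
    return parts >= FIXED

def _ext_name(ext):
    """Module name of an extension given as a string or an Extension instance."""
    if isinstance(ext, str):
        return ext.split(":", 1)[0]
    return type(ext).__module__

def safe_extensions(extensions, version_text, untrusted=True):
    """Drop the caption extension for untrusted input on unpatched releases."""
    if not untrusted or is_patched(version_text):
        return list(extensions)
    return [e for e in extensions if _ext_name(e) != CAPTION_EXT]

def check_input(text):
    """Reject oversized documents before they reach the Markdown parser."""
    if len(text.encode("utf-8")) > MAX_INPUT_BYTES:
        raise ValueError("markdown input exceeds size cap")
    return text

def installed_version():
    """Installed pymdown-extensions version, or None if it is not installed."""
    try:
        return metadata.version("pymdown-extensions")
    except metadata.PackageNotFoundError:
        return None

if __name__ == "__main__":
    wanted = ["tables", CAPTION_EXT]             # constructed extension list
    version = installed_version() or "10.16"     # constructed fallback version
    print(version, safe_extensions(wanted, version))
```

Pass the filtered list as the `extensions` argument when rendering untrusted Markdown, and call `check_input` on the document first.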