Security Advisories - league/commonmark - Packagist

league/commonmark Security Advisories for 0.16.0 (2)

XSS vulnerability with double-encoded entities

CVE-2019-10010

Affected version: <0.18.3

Reported by:
GitHub, FriendsOfPHP/security-advisories
XSS vulnerability with unsafe link protocols

CVE-2018-20583

Affected version: >=0.15.6,<0.18.1

Reported by:
GitHub, FriendsOfPHP/security-advisories