league/commonmark Security Advisories for 0.14.0 (3)
-
[MEDIUM] league/commonmark contains a XSS vulnerability in Attributes extension
PKSA-rqc2-tcc6-nc79 CVE-2025-46734 GHSA-3527-qv2q-pfvx
Affected version: <2.7.0
Reported by:
GitHub -
[HIGH] league/commonmark's quadratic complexity bugs may lead to a denial of service
PKSA-fndg-qryc-dyc9 GHSA-c2pc-g5qf-rfrf
Affected version: <2.6.0
Reported by:
GitHub -
[MEDIUM] XSS vulnerability with double-encoded entities
PKSA-nyyp-2pk1-frkz CVE-2019-10010 GHSA-3v43-877x-qgmq
Affected version: <0.18.3
Reported by:
GitHub, FriendsOfPHP/security-advisories