league/commonmark Security Advisories for 0.12.0 (2)
-
[HIGH] league/commonmark's quadratic complexity bugs may lead to a denial of service
PKSA-fndg-qryc-dyc9 GHSA-c2pc-g5qf-rfrf
Affected version: <2.6.0
Reported by:
GitHub -
[MEDIUM] XSS vulnerability with double-encoded entities
PKSA-nyyp-2pk1-frkz CVE-2019-10010 GHSA-3v43-877x-qgmq
Affected version: <0.18.3
Reported by:
GitHub, FriendsOfPHP/security-advisories