What is CVE-2025-46656?

python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as in addition to through . This causes memory consumption.

How severe is CVE-2025-46656?

CVE-2025-46656 has a CVSS v3 score of 2.9 (LOW).

CVE-2025-46656

Name: markdownify
Author: matthewwithanm

2.9LOW

python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as <h9999999> in addition to <h1> through <h6>. This causes memory consumption.

게시됨: 4/26/2025업데이트됨: 10/16/2025

NVD에서 보기 MITRE에서 보기

설명

python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as <h9999999> in addition to <h1> through <h6>. This causes memory consumption.

AI 분석AI 기반

영향받는 제품

matthewwithanmmarkdownify

참조

https://github.com/matthewwithanm/python-markdownify/compare/0.14.0...0.14.1
Patch
https://github.com/matthewwithanm/python-markdownify/issues/143
Exploit
https://github.com/matthewwithanm/python-markdownify/issues/143
Exploit