What is CVE-2025-46656?

python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as in addition to through . This causes memory consumption.

How severe is CVE-2025-46656?

CVE-2025-46656 has a CVSS v3 score of 2.9 (LOW).

CVE-2025-46656

Name: markdownify
Author: matthewwithanm

2.9LOW

python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as <h9999999> in addition to <h1> through <h6>. This causes memory consumption.

Опубликовано: 4/26/2025Обновлено: 10/16/2025

Посмотреть на NVD Посмотреть на MITRE

Описание

python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as <h9999999> in addition to <h1> through <h6>. This causes memory consumption.

ИИ-АнализНа базе ИИ

Затронутые продукты

matthewwithanmmarkdownify

Ссылки

https://github.com/matthewwithanm/python-markdownify/compare/0.14.0...0.14.1
Patch
https://github.com/matthewwithanm/python-markdownify/issues/143
Exploit
https://github.com/matthewwithanm/python-markdownify/issues/143
Exploit