Filtered by vendor Digitalocean Subscriptions
Filtered by product Do-markdownit Subscriptions

Search

Switch to Advanced Search (Beta)
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-59717 1 Digitalocean 1 Do-markdownit 2025-09-19 5.4 Medium
In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array).