{ "threat_severity" : "Important", "public_date" : "2026-03-05T00:00:00Z", "bugzilla" : { "description" : "python-markdown: denial of service via malformed HTML-like sequences", "id" : "2444839", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2444839" }, "cvss3" : { "cvss3_base_score" : "8.2", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-617", "details" : [ "Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.", "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace." ], "statement" : "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.", "affected_release" : [ { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date" : "2026-05-04T00:00:00Z", "advisory" : "RHSA-2026:13512", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package" : "python3.12-markdown-0:3.10.2-1.el8ap" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 9", "release_date" : "2026-05-04T00:00:00Z", "advisory" : "RHSA-2026:13512", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el9", "package" : "python3.12-markdown-0:3.10.2-1.el9ap" }, { "product_name" : "Red Hat Ansible Automation Platform 2.6 for RHEL 9", "release_date" : "2026-05-04T00:00:00Z", "advisory" : "RHSA-2026:13508", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "package" : "automation-controller-0:4.7.11-2.el9ap" }, { "product_name" : "Red Hat Ansible Automation Platform 2.6 for RHEL 9", "release_date" : "2026-05-04T00:00:00Z", "advisory" : "RHSA-2026:13508", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "package" : "python3.12-markdown-0:3.10.2-1.el9ap" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19155", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "python-markdown-0:3.5.1-6.el10_2.1" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-26T00:00:00Z", "advisory" : "RHSA-2026:20677", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "python-markdown-0:3.5.1-6.el10_0.1" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19366", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "python-markdown-0:3.3.4-4.el9_8.2" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2026-05-26T00:00:00Z", "advisory" : "RHSA-2026:20674", "cpe" : "cpe:/o:redhat:rhel_eus:9.4", "package" : "python-markdown-0:3.3.4-4.el9_4.2" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-05-26T00:00:00Z", "advisory" : "RHSA-2026:20676", "cpe" : "cpe:/o:redhat:rhel_eus:9.6", "package" : "python-markdown-0:3.3.4-4.el9_6.2" }, { "product_name" : "Red Hat Satellite 6.16 for RHEL 8", "release_date" : "2026-05-07T00:00:00Z", "advisory" : "RHSA-2026:14874", "cpe" : "cpe:/a:redhat:satellite:6.16::el8", "package" : "python-markdown-0:3.8.2-1.el8pc" }, { "product_name" : "Red Hat Satellite 6.16 for RHEL 8", "release_date" : "2026-05-07T00:00:00Z", "advisory" : "RHSA-2026:14874", "cpe" : "cpe:/a:redhat:satellite_capsule:6.16::el8", "package" : "python-markdown-0:3.8.2-1.el8pc" }, { "product_name" : "Red Hat Satellite 6.16 for RHEL 9", "release_date" : "2026-05-07T00:00:00Z", "advisory" : "RHSA-2026:14874", "cpe" : "cpe:/a:redhat:satellite:6.16::el9", "package" : "python-markdown-0:3.8.2-1.el9pc" }, { "product_name" : "Red Hat Satellite 6.16 for RHEL 9", "release_date" : "2026-05-07T00:00:00Z", "advisory" : "RHSA-2026:14874", "cpe" : "cpe:/a:redhat:satellite_capsule:6.16::el9", "package" : "python-markdown-0:3.8.2-1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-05-07T00:00:00Z", "advisory" : "RHSA-2026:14873", "cpe" : "cpe:/a:redhat:satellite:6.17::el9", "package" : "python-markdown-0:3.8.2-1.el9pc" }, { "product_name" : "Red Hat Satellite 6.17 for RHEL 9", "release_date" : "2026-05-07T00:00:00Z", "advisory" : "RHSA-2026:14873", "cpe" : "cpe:/a:redhat:satellite_capsule:6.17::el9", "package" : "python-markdown-0:3.8.2-1.el9pc" }, { "product_name" : "Red Hat Satellite 6.18 for RHEL 9", "release_date" : "2026-05-07T00:00:00Z", "advisory" : "RHSA-2026:14835", "cpe" : "cpe:/a:redhat:satellite:6.18::el9", "package" : "python3.12-markdown-0:3.8.2-1.el9pc" }, { "product_name" : "Red Hat Satellite 6.18 for RHEL 9", "release_date" : "2026-05-07T00:00:00Z", "advisory" : "RHSA-2026:14835", "cpe" : "cpe:/a:redhat:satellite_capsule:6.18::el9", "package" : "python3.12-markdown-0:3.8.2-1.el9pc" }, { "product_name" : "Red Hat Developer Hub 1.8", "release_date" : "2026-04-22T00:00:00Z", "advisory" : "RHSA-2026:9742", "cpe" : "cpe:/a:redhat:rhdh:1.8::el9", "package" : "rhdh/rhdh-hub-rhel9:1776784286" }, { "product_name" : "Red Hat Developer Hub 1.9", "release_date" : "2026-05-05T00:00:00Z", "advisory" : "RHSA-2026:13826", "cpe" : "cpe:/a:redhat:rhdh:1.9::el9", "package" : "rhdh/rhdh-hub-rhel9:1777903262" }, { "product_name" : "Red Hat OpenShift AI 2.25", "release_date" : "2026-04-23T00:00:00Z", "advisory" : "RHSA-2026:10184", "cpe" : "cpe:/a:redhat:openshift_ai:2.25::el9", "package" : "rhoai/odh-modelmesh-runtime-adapter-rhel9:1776768939" }, { "product_name" : "Red Hat OpenShift AI 2.25", "release_date" : "2026-04-23T00:00:00Z", "advisory" : "RHSA-2026:10184", "cpe" : "cpe:/a:redhat:openshift_ai:2.25::el9", "package" : "rhoai/odh-training-cuda124-torch25-py311-rhel9:1776243287" }, { "product_name" : "Red Hat OpenShift AI 2.25", "release_date" : "2026-04-23T00:00:00Z", "advisory" : "RHSA-2026:10184", "cpe" : "cpe:/a:redhat:openshift_ai:2.25::el9", "package" : "rhoai/odh-training-rocm62-torch25-py311-rhel9:1776272253" } ], "package_state" : [ { "product_name" : "External Secrets Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "external-secrets-operator/bitwarden-sdk-server-rhel9", "cpe" : "cpe:/a:redhat:external_secrets_operator:1" }, { "product_name" : "External Secrets Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "external-secrets-operator/external-secrets-operator-bundle", "cpe" : "cpe:/a:redhat:external_secrets_operator:1" }, { "product_name" : "External Secrets Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "external-secrets-operator/external-secrets-operator-rhel9", "cpe" : "cpe:/a:redhat:external_secrets_operator:1" }, { "product_name" : "External Secrets Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "external-secrets-operator/external-secrets-rhel9", "cpe" : "cpe:/a:redhat:external_secrets_operator:1" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/assisted-installer-agent-rhel9", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/assisted-installer-controller-rhel9", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/assisted-installer-rhel9", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/assisted-service-8-rhel8", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/assisted-service-9-rhel9", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-26/controller-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/hub-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python-markdown", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "python-markdown", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "python-markdown", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-built-in-detector-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-guardrails-detector-huggingface-runtime-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-kserve-agent-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-kserve-controller-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-kserve-router-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-modelmesh-runtime-adapter-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Will not fix", "package_name" : "rhoai/odh-training-cuda121-torch24-py311-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-training-cuda128-torch28-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Will not fix", "package_name" : "rhoai/odh-training-rocm62-torch24-py311-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-training-rocm64-torch28-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-vllm-gaudi-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-agent-installer-api-server-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-olm-catalogd-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Not affected", "package_name" : "devspaces/traefik-rhel9", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "satellite:el8/python-markdown", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "satellite/iop-advisor-backend-rhel9", "cpe" : "cpe:/a:redhat:satellite:6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-69534\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-69534\nhttps://github.com/Python-Markdown/markdown\nhttps://github.com/Python-Markdown/markdown/actions/runs/15736122892\nhttps://github.com/Python-Markdown/markdown/issues/1534" ], "name" : "CVE-2025-69534", "mitigation" : { "value" : "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.", "lang" : "en:us" }, "csaw" : false }