Filtered by vendor Digitalocean
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-59717 | 1 Digitalocean | 1 Do-markdownit | 2025-10-08 | N/A | 5.4 MEDIUM |
| In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array). | |||||
| CVE-2020-36569 | 1 Digitalocean | 1 Golang-nanoauth | 2025-04-11 | N/A | 9.1 CRITICAL |
| Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token. | |||||