| Release | Version |
|---|---|
| bullseye | 1.5.7-2 |
| bookworm | 2.3.9-1+deb12u1 |
| trixie | 2.7.0-1+deb13u1 |
| sid | 2.8.2-2 |
| Bug | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|
| CVE-2026-33347 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | league/commonmark is a PHP Markdown parser. From version 2.3.0 to befo ... |
| CVE-2026-30838 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | league/commonmark is a PHP Markdown parser. Prior to version 2.8.1, th ... |
| CVE-2025-46734 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | league/commonmark is a PHP Markdown parser. A cross-site scripting (XS ... |