| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|
| CVE-2026-33347 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | league/commonmark is a PHP Markdown parser. From version 2.3.0 to befo ... |
| CVE-2026-30838 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | league/commonmark is a PHP Markdown parser. Prior to version 2.8.1, th ... |
| CVE-2025-46734 | vulnerable (no DSA, ignored) | vulnerable (no DSA) | fixed | fixed | fixed | league/commonmark is a PHP Markdown parser. A cross-site scripting (XS ... |