CVE-2026-35166
- EPSS 0.06%
- Veröffentlicht 06.04.2026 17:37:05
- Zuletzt bearbeitet 20.04.2026 18:34:45
Hugo is a static site generator. From 0.60.0 to before 0.159.2, links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for links and images are ...
CVE-2024-55601
- EPSS 0.21%
- Veröffentlicht 09.12.2024 22:15:23
- Zuletzt bearbeitet 15.04.2026 00:35:42
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not ...
CVE-2024-32875
- EPSS 0.21%
- Veröffentlicht 23.04.2024 21:15:48
- Zuletzt bearbeitet 15.04.2026 00:35:42
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and d...
CVE-2020-26284
- EPSS 0.41%
- Veröffentlicht 21.12.2020 23:15:12
- Zuletzt bearbeitet 21.11.2024 05:19:45
Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's `os/exec` for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system `%PATH%` on Windows. In Hugo before version 0.79.1, i...