{"id":"CVE-2019-25026","details":"Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting.","modified":"2026-04-11T12:20:15.233133Z","published":"2021-04-06T08:15:12.073Z","database_specific":{"unresolved_ranges":[{"extracted_events":[{"last_affected":"9.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","source":"CPE_FIELD"}]},"references":[{"type":"WEB","url":"https://www.redmine.org/projects/redmine/wiki/Security_Advisories"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/redmine/redmine","events":[{"introduced":"0"},{"fixed":"22e2651b8979914406a955592371e548764252cf"},{"introduced":"83eb5bffeff4b29c17f4aea65570fc61ab3ff2e0"},{"fixed":"22ebc680ec36d770344dc06bee189cef4b34ea3b"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"3.4.13"},{"introduced":"4.0.0"},{"fixed":"4.0.6"}],"cpe":"cpe:2.3:a:redmine:redmine:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-25026.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}