In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False. (CVE-2020-6816) Regular expression denial of service. (CVE-2020-6817)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 7 | noarch | python-bleach | < 3.1.4-1 | python-bleach-3.1.4-1.mga7 |