3 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-6817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bleach.clean behavior parsing style attributes could result in a regular expression denial of service ReDoS. Calls to bleach.clean with an allowed tag with an...
Mozilla Bleach Cross-Site Scripting Vulnerability
Mozilla Bleach is an HTML cleanup library from the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in bleach.clean in Mozilla Bleach versions prior to 3.12. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...
www/py-bleach -- multiple vulnerabilities
bleach.clean behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and could result in a mutation XSS. Calls to bleach.clean with strip=False and math or svg tags and one or more of the RCDATA tags script, noscript, style, noframes, iframe, noembed, or x...