Lucene search
K

15 matches found

openvas
openvas
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2020-0125)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.01688EPSS
Exploits1References4
ibm
ibm
added 2020/05/19 5:0 p.m.22 views

Security Bulletin: A security vulnerability has been identified in Bleach shipped with IBM Watson Machine Learning Community Edition (WMLCE)

Summary Multiple vulnerabilities have been found in the Bleach package, which is either built in to or distributed with IBM WMLCE. Vulnerability Details CVEID: CVE-2020-6816 DESCRIPTION: Mozilla Bleach is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...

6.1CVSS0.6AI score0.01688EPSS
Exploits2Affected Software1
nessus
nessus
added 2020/04/30 12:0 a.m.36 views

Fedora 30 : python-bleach (2020-827b677e15)

Update to version 3.1.4, an upstream security release. See the upstream changelog for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

7.5CVSS7.1AI score0.01688EPSS
Exploits2References4
openvas
openvas
added 2020/04/30 12:0 a.m.51 views

Fedora: Security Advisory for python-bleach (FEDORA-2020-827b677e15)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5AI score
Exploits0References2
nessus
nessus
added 2020/04/30 12:0 a.m.42 views

Fedora 31 : python-bleach (2020-e1fa96c506)

Update to version 3.1.4, an upstream security release. See the upstream changelog for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

7.5CVSS7.1AI score0.01688EPSS
Exploits2References4
osv
osv
added 2020/03/24 10:15 p.m.5 views

DEBIAN-CVE-2020-6802

In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option...

6.1CVSS7.3AI score0.01688EPSS
Exploits1References1
cve
cve
added 2020/03/24 9:13 p.m.192 views

CVE-2020-6802

Mozilla Bleach prior to 3.11 is vulnerable to mutation XSS via bleach.clean when noscript and a raw tag are allowed/whitelisted. A remote attacker could inject script into a page viewed in a browser (impact: carry out client-side script execution). Remediation observed in multiple sources shows u...

6.1CVSS5.9AI score0.01688EPSS
Exploits1References6Affected Software1
opensuse
opensuse
added 2020/03/09 12:0 a.m.84 views

Security update for python-bleach (important)

openSUSE Security Update: Security update for python-bleach Announcement ID: openSUSE-SU-2020:0325-1 Rating: important References: 1165303 Cross-References: CVE-2020-6802 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description:This...

6.1CVSS6.7AI score0.01688EPSS
Exploits1References1
nessus
nessus
added 2020/03/09 12:0 a.m.31 views

openSUSE Security Update : python-bleach (openSUSE-2020-308)

This update for python-bleach to version 3.1.1 fixes the following issue : - Python-bleach was updated to 3.1.1 - CVE-2020-6802: Fixed mutation XSS vulnerabilities boo1165303. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

6.1CVSS7.4AI score0.01688EPSS
Exploits1References2
openvas
openvas
added 2020/03/08 12:0 a.m.22 views

openSUSE: Security Advisory for python-bleach (openSUSE-SU-2020:0308-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.6AI score0.01688EPSS
Exploits1References2
opensuse
opensuse
added 2020/03/07 12:0 a.m.136 views

Security update for python-bleach (important)

openSUSE Security Update: Security update for python-bleach Announcement ID: openSUSE-SU-2020:0308-1 Rating: important References: 1165303 Cross-References: CVE-2020-6802 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

6.1CVSS6.9AI score0.01688EPSS
Exploits1References1
mageia
mageia
added 2020/03/06 4:13 p.m.32 views

Updated python-bleach packages fix security vulnerability

The updated packages fix a security vulnerability: Mutation XSS in bleach.clean when noscript and raw tag whitelisted. CVE-2020-6802...

6.1CVSS1.3AI score0.01688EPSS
Exploits1References2
nessus
nessus
added 2020/03/02 12:0 a.m.31 views

Debian DSA-4636-1 : python-bleach - security update

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when'noscript' and one or more raw text tags were whitelisted. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

6.1CVSS7.3AI score0.01688EPSS
Exploits1References5
vulnersosv
vulnersosv
added 2020/02/24 5:33 p.m.6 views

adversarial-labeller (=0.1.8), alo7-airflow (>=1.10.0 <=1.10.0.7) +113 more potentially affected by CVE-2020-6802 via bleach (>=1.2.2 <=3.1.0)

bleach PYPI version =1.2.2, =1.10.0, =0.1.0, =0.0.6, =0.3.0, =0.3.4, =0.0.5, =0.1.3, =0.0.1, =0.2.1, =1.0.2, =0.1.2, =1.0.7 and more Source cves: CVE-2020-6802 Source advisory: OSV:GHSA-Q65M-PV3F-WR5R...

6.1CVSS6.8AI score0.01688EPSS
Exploits1
github
github
added 2020/02/24 5:33 p.m.99 views

XSS in Bleach when noscript and raw tag whitelisted

Impact A mutation XSS affects users calling bleach.clean with noscript and a raw tag see below in the allowed/whitelisted tags option. Patches v3.1.1 Workarounds modify bleach.clean calls to not whitelist noscript and one or more of the following raw tags: title textarea script style noembed...

6.1CVSS6.2AI score0.01688EPSS
Exploits1References12Affected Software1
Rows per page
Query Builder