13 matches found
Mageia: Security Advisory (MGASA-2020-0176)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for python-bleach (important)
openSUSE Security Update: Security update for python-bleach Announcement ID: openSUSE-SU-2021:0571-1 Rating: important References: 1167379 1168280 1184547 Cross-References: CVE-2020-6816 CVE-2020-6817 CVE-2021-23980 CVSS scores: CVE-2020-6816 NVD : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...
openSUSE: Security Advisory for python-bleach (openSUSE-SU-2021:0552-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : python-bleach (openSUSE-2021-552)
This update for python-bleach fixes the following issues : - CVE-2021-23980: Fixed mutation XSS on bleach.clean with specific combinations of allowed tags boo1184547 Update to 3.1.5 : - replace missing setuptools dependency with packaging. Thank you Benjamin Peterson. Update to 3.1.4 boo1168280,...
OPENSUSE-SU-2021:0552-1 Security update for python-bleach
This update for python-bleach fixes the following issues: - CVE-2021-23980: Fixed mutation XSS on bleach.clean with specific combinations of allowed tags boo1184547 Update to 3.1.5: replace missing setuptools dependency with packaging. Thank you Benjamin Peterson. Update to 3.1.4 boo1168280,...
Fedora: Security Advisory for python-bleach (FEDORA-2020-e0f35d634c)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security Bulletin: A security vulnerability has been identified in Bleach shipped with IBM Watson Machine Learning Community Edition (WMLCE)
Summary Multiple vulnerabilities have been found in the Bleach package, which is either built in to or distributed with IBM WMLCE. Vulnerability Details CVEID: CVE-2020-6816 DESCRIPTION: Mozilla Bleach is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
CVE-2020-6816
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False...
CVE-2020-6816
CVE-2020-6816 affects Mozilla Bleach. A mutation XSS in bleach.clean occurs when RCDATA and either svg or math are whitelisted and strip=False, allowing a remote attacker to inject script into a Web page viewed by victims. Affected: Bleach versions prior to 3.12. Remediation: upgrade to bleach 3....
CVE-2020-6816
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False...
adversarial-labeller (=0.1.8), alo7-airflow (>=1.10.0 <=1.10.0.7) +122 more potentially affected by CVE-2020-6816 via bleach (>=1.2.2 <=3.1.1)
bleach PYPI version =1.2.2, =1.10.0, =0.1.0, =0.0.6, =0.3.0, =0.0.9, =0.3.4, =0.0.5, =0.1.0rc1, =0.1.3, =0.0.1, =0.2.1, =0.4.3 - dbx-deploy =0.6.1 and more Source cves: CVE-2020-6816 Source advisory: OSV:GHSA-M6XF-FQ7Q-8743...
Debian DSA-4643-1 : python-bleach - security update
It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when strip=False and 'math' or 'svg' tags and one or more of the RCDATA tags were whitelisted. C Tenable Network Security, Inc. The descriptive text and package...
[SECURITY] [DSA 4643-1] python-bleach security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4643-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2020 https://www.debian.org/security/faq -...