Lucene search
+L

15 matches found

nessus
nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-6817

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bleach.clean behavior parsing style attributes could result in a regular expression denial of service ReDoS. Calls to bleach.clean with an allowed tag with an...

7.5CVSS7.8AI score0.00718EPSS
Exploits1References2
ubuntucve
ubuntucve
added 2023/02/16 10:15 p.m.25 views

CVE-2020-6817

bleach.clean behavior parsing style attributes could result in a regular expression denial of service ReDoS. Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean..., attributes='a': 'style'...

7.5CVSS7.1AI score0.00718EPSS
Exploits1References6
redhatcve
redhatcve
added 2022/05/21 12:5 a.m.16 views

CVE-2020-6817

No description is available for this CVE...

1.3AI score0.00718EPSS
Exploits1References1
openvas
openvas
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2020-0176)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.01301EPSS
Exploits2References6
opensuse
opensuse
added 2021/04/18 12:0 a.m.46 views

Security update for python-bleach (important)

openSUSE Security Update: Security update for python-bleach Announcement ID: openSUSE-SU-2021:0571-1 Rating: important References: 1167379 1168280 1184547 Cross-References: CVE-2020-6816 CVE-2020-6817 CVE-2021-23980 CVSS scores: CVE-2020-6816 NVD : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

6.1CVSS7.3AI score0.01301EPSS
Exploits3References3
openvas
openvas
added 2021/04/16 12:0 a.m.24 views

openSUSE: Security Advisory for python-bleach (openSUSE-SU-2021:0552-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.7AI score0.01301EPSS
Exploits3References2
nessus
nessus
added 2021/04/15 12:0 a.m.33 views

openSUSE Security Update : python-bleach (openSUSE-2021-552)

This update for python-bleach fixes the following issues : - CVE-2021-23980: Fixed mutation XSS on bleach.clean with specific combinations of allowed tags boo1184547 Update to 3.1.5 : - replace missing setuptools dependency with packaging. Thank you Benjamin Peterson. Update to 3.1.4 boo1168280,...

7.5CVSS6.9AI score0.01301EPSS
Exploits3References6
osv
osv
added 2021/04/14 2:51 p.m.10 views

OPENSUSE-SU-2021:0552-1 Security update for python-bleach

This update for python-bleach fixes the following issues: - CVE-2021-23980: Fixed mutation XSS on bleach.clean with specific combinations of allowed tags boo1184547 Update to 3.1.5: replace missing setuptools dependency with packaging. Thank you Benjamin Peterson. Update to 3.1.4 boo1168280,...

7.5CVSS6.8AI score0.01301EPSS
Exploits3References7
nessus
nessus
added 2020/04/30 12:0 a.m.36 views

Fedora 30 : python-bleach (2020-827b677e15)

Update to version 3.1.4, an upstream security release. See the upstream changelog for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

7.5CVSS7.1AI score0.01688EPSS
Exploits2References4
openvas
openvas
added 2020/04/30 12:0 a.m.51 views

Fedora: Security Advisory for python-bleach (FEDORA-2020-827b677e15)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5AI score
Exploits0References2
nessus
nessus
added 2020/04/30 12:0 a.m.42 views

Fedora 31 : python-bleach (2020-e1fa96c506)

Update to version 3.1.4, an upstream security release. See the upstream changelog for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

7.5CVSS7.1AI score0.01688EPSS
Exploits2References4
nessus
nessus
added 2020/04/27 12:0 a.m.34 views

FreeBSD : py-bleach -- regular expression denial-of-service (4c52ec3c-86f3-11ea-b5b4-641c67a117d8)

Bleach developers reports : bleach.clean behavior parsing style attributes could result in a regular expression denial of service ReDoS. Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean..., attributes='a': 'style'. C...

7.5CVSS8AI score0.00718EPSS
Exploits1References5
debian
debian
added 2020/04/01 5:53 p.m.113 views

[SECURITY] [DLA 2167-1] python-bleach security update

Package : python-bleach Version : 1.4-1+deb8u1 CVE ID : CVE-2020-6817 Debian Bug : 955388 A vulnerability was discovered in python-bleach, a whitelist-based HTML-sanitizing library. Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to a regular expression...

7.5CVSS7.1AI score0.00718EPSS
Exploits1
vulnersosv
vulnersosv
added 2020/03/30 7:45 p.m.8 views

adversarial-labeller (=0.1.8), alo7-airflow (>=1.10.0 <=1.10.0.7) +122 more potentially affected by CVE-2020-6817 via bleach (>=1.2.2 <=3.1.3)

bleach PYPI version =1.2.2, =1.10.0, =0.1.0, =0.0.6, =0.3.0, =0.0.9, =0.3.4, =0.0.5, =0.1.0rc1, =0.1.3, =0.0.1, =0.2.1, =0.4.3 - dbx-deploy =0.6.1 and more Source cves: CVE-2020-6817 Source advisory: OSV:GHSA-VQHP-CXGC-6WMM...

7.5CVSS7.1AI score0.00718EPSS
Exploits1
github
github
added 2020/03/30 7:45 p.m.78 views

regular expression denial-of-service (ReDoS) in Bleach

Impact bleach.clean behavior parsing style attributes could result in a regular expression denial of service ReDoS. Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean..., attributes='a': 'style'. Patches 3.1.4 Workarounds d...

7.5CVSS0.4AI score0.00718EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder