Release | Version |
---|---|
stretch | 2.0-1 |
stretch (security) | 2.0-1+deb9u1 |
buster | 3.1.2-0+deb10u2 |
bullseye | 3.2.1-2.1 |
bookworm | 4.1.0-2 |
sid | 5.0.0-1 |
Bug | stretch | buster | bullseye | bookworm | sid | Description |
---|---|---|---|---|---|---|
CVE-2020-6817 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Regular expression denial of service |
CVE-2020-6816 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCD ... |
CVE-2020-6802 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | In Mozilla Bleach before 3.11, a mutation XSS affects users calling bl ... |
Bug | Description |
---|---|
CVE-2021-23980 | mutation XSS via allowed math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with strip_comments=False |
CVE-2018-7753 | An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that ... |
DSA / DLA | Description |
---|---|
DSA-4892-1 | python-bleach - security update |
DLA-2620-1 | python-bleach - security update |
DLA-2167-1 | python-bleach - security update |
DSA-4643-1 | python-bleach - security update |
DSA-4636-1 | python-bleach - security update |