| Release | Version |
|---|---|
| jessie | 1.4-1 |
| stretch | 2.0-1 |
| buster | 3.1.0-1 |
| buster (security) | 3.1.2-0+deb10u1 |
| bullseye | 3.1.3-1 |
| sid | 3.1.4-1 |
| Bug | jessie | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2020-6817 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | Regular expression denial of service |
| CVE-2020-6816 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCD ... |
| CVE-2020-6802 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | In Mozilla Bleach before 3.11, a mutation XSS affects users calling bl ... |
| Bug | Description |
|---|---|
| CVE-2018-7753 | An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that ... |
| DSA / DLA | Description |
|---|---|
| DSA-4643-1 | python-bleach - security update |
| DSA-4636-1 | python-bleach - security update |