GHSA-x95h-979x-cf3j

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/10/GHSA-x95h-979x-cf3j/GHSA-x95h-979x-cf3j.json
Aliases
Published
2021-10-19T20:15:30Z
Modified
2022-11-22T00:56:21.126098Z
Details

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.

References

Affected packages

PyPI / pybluemonday

pybluemonday

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
0.0.8

Affected versions

0.*

0.0.1
0.0.2
0.0.3
0.0.4
0.0.5
0.0.6
0.0.7

Go / github.com/microcosm-cc/bluemonday

github.com/microcosm-cc/bluemonday

Affected ranges

Type
SEMVER
Events
Introduced
0
Fixed
1.0.16

Affected versions