PYSEC-2021-865
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2021-865.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2021-865
- Aliases
- Published
- 2021-02-02T17:58:00Z
- Modified
- 2023-11-08T04:05:14.166540Z
- Summary
- [none]
- Details
-
In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with strip_comments=False.
- References
Affected packages
PyPI / bleach
Package
- Name
- bleach
- View open source insights on deps.dev
- Purl
- pkg:pypi/bleach
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mozilla/bleach
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.3.0
Affected versions
0.*
0.1
0.1.1
0.1.2
0.2
0.2.1
0.2.2
0.3
0.3.1
0.3.3
0.3.4
0.5.0
0.5.1
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.2
1.2.1
1.2.2
1.4
1.4.1
1.4.2
1.4.3
1.5.0
2.*
2.0.0
2.1
2.1.1
2.1.2
2.1.3
2.1.4
3.*
3.0.0
3.0.1
3.0.2
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.2.0
3.2.1
3.2.2
3.2.3