FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-30 04:04:33 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
4c52ec3c-86f3-11ea-b5b4-641c67a117d8	py-bleach -- regular expression denial-of-service Bleach developers reports: bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}). Discovery 2019-03-09 Entry 2020-04-26 py27-bleach py35-bleach py36-bleach py37-bleach py38-bleach < 3.1.4 https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm https://bugzilla.mozilla.org/show_bug.cgi?id=1623633 CVE-2020-6817 ports/245943

VuXML ID

Description

4c52ec3c-86f3-11ea-b5b4-641c67a117d8

py-bleach -- regular expression denial-of-service

Bleach developers reports:

bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS).

Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

Discovery 2019-03-09
Entry 2020-04-26
py27-bleach
py35-bleach
py36-bleach
py37-bleach
py38-bleach

< 3.1.4

https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm
https://bugzilla.mozilla.org/show_bug.cgi?id=1623633
CVE-2020-6817
ports/245943