Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/bleach@2.1.3
purl pkg:pypi/bleach@2.1.3
Next non-vulnerable version 3.3.0
Latest non-vulnerable version 3.3.0
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-92h1-h2vh-xyb6
Aliases:
CVE-2020-6802
GHSA-q65m-pv3f-wr5r
PYSEC-2020-27
In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
3.1.1
Affected by 3 other vulnerabilities.
VCID-cthk-b1bv-xfbk
Aliases:
CVE-2020-6816
GHSA-m6xf-fq7q-8743
PYSEC-2020-28
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.
3.1.2
Affected by 2 other vulnerabilities.
VCID-kxh2-721e-tyh2
Aliases:
CVE-2020-6817
GHSA-vqhp-cxgc-6wmm
GMS-2020-698
PYSEC-2020-340
SNYK-PYTHON-BLEACH-561754
In Mozilla Bleach before 3.1.4, `bleach.clean` behavior parsing style attributes could result in a regular expression denial of service (ReDoS).
3.1.4
Affected by 1 other vulnerability.
VCID-mqaz-y2xw-sya2
Aliases:
CVE-2021-23980
GHSA-vv2x-vrpj-qqpq
GMS-2021-168
PYSEC-2021-865
In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with strip_comments=False.
3.3.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-7ae6-tssy-h7h4 An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized. CVE-2018-7753
GHSA-m9mq-p2f9-cfqv
PYSEC-2018-51

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-01T14:16:19.204173+00:00 GHSA Importer Fixing VCID-7ae6-tssy-h7h4 https://github.com/advisories/GHSA-m9mq-p2f9-cfqv 38.6.0
2026-04-29T19:54:34.022383+00:00 GitLab Importer Affected by VCID-mqaz-y2xw-sya2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml 38.5.0
2026-04-29T19:39:29.758510+00:00 GitLab Importer Affected by VCID-kxh2-721e-tyh2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml 38.5.0
2026-04-29T19:39:15.922043+00:00 GitLab Importer Affected by VCID-cthk-b1bv-xfbk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml 38.5.0
2026-04-29T19:38:12.697917+00:00 GitLab Importer Affected by VCID-92h1-h2vh-xyb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6802.yml 38.5.0
2026-04-29T19:18:43.191681+00:00 GitLab Importer Fixing VCID-7ae6-tssy-h7h4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2018-7753.yml 38.5.0
2026-04-16T21:16:46.399613+00:00 GitLab Importer Affected by VCID-mqaz-y2xw-sya2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml 38.4.0
2026-04-16T21:02:10.325328+00:00 GitLab Importer Affected by VCID-kxh2-721e-tyh2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml 38.4.0
2026-04-16T21:01:58.037512+00:00 GitLab Importer Affected by VCID-cthk-b1bv-xfbk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml 38.4.0
2026-04-16T21:00:55.986254+00:00 GitLab Importer Affected by VCID-92h1-h2vh-xyb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6802.yml 38.4.0
2026-04-16T20:41:58.638878+00:00 GitLab Importer Fixing VCID-7ae6-tssy-h7h4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2018-7753.yml 38.4.0
2026-04-16T01:26:24.309867+00:00 GHSA Importer Fixing VCID-7ae6-tssy-h7h4 https://github.com/advisories/GHSA-m9mq-p2f9-cfqv 38.4.0
2026-04-11T22:28:56.443932+00:00 GitLab Importer Affected by VCID-mqaz-y2xw-sya2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml 38.3.0
2026-04-11T22:13:30.070865+00:00 GitLab Importer Affected by VCID-kxh2-721e-tyh2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml 38.3.0
2026-04-11T22:13:16.080752+00:00 GitLab Importer Affected by VCID-cthk-b1bv-xfbk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml 38.3.0
2026-04-11T22:12:12.075227+00:00 GitLab Importer Affected by VCID-92h1-h2vh-xyb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6802.yml 38.3.0
2026-04-11T21:52:34.971371+00:00 GitLab Importer Fixing VCID-7ae6-tssy-h7h4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2018-7753.yml 38.3.0
2026-04-11T12:55:43.126544+00:00 GHSA Importer Fixing VCID-7ae6-tssy-h7h4 https://github.com/advisories/GHSA-m9mq-p2f9-cfqv 38.3.0
2026-04-02T22:40:31.616198+00:00 GitLab Importer Affected by VCID-mqaz-y2xw-sya2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml 38.1.0
2026-04-02T22:25:50.979851+00:00 GitLab Importer Affected by VCID-kxh2-721e-tyh2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml 38.1.0
2026-04-02T22:25:37.912275+00:00 GitLab Importer Affected by VCID-cthk-b1bv-xfbk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml 38.1.0
2026-04-02T22:24:39.590172+00:00 GitLab Importer Affected by VCID-92h1-h2vh-xyb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6802.yml 38.1.0
2026-04-02T22:06:22.129292+00:00 GitLab Importer Fixing VCID-7ae6-tssy-h7h4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2018-7753.yml 38.1.0
2026-04-02T13:48:13.513579+00:00 GHSA Importer Fixing VCID-7ae6-tssy-h7h4 https://github.com/advisories/GHSA-m9mq-p2f9-cfqv 38.1.0
2026-04-01T16:43:33.737969+00:00 GitLab Importer Affected by VCID-cthk-b1bv-xfbk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml 38.0.0
2026-04-01T16:42:31.408082+00:00 GitLab Importer Affected by VCID-92h1-h2vh-xyb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6802.yml 38.0.0
2026-04-01T15:57:10.855004+00:00 GHSA Importer Fixing VCID-7ae6-tssy-h7h4 https://github.com/advisories/GHSA-m9mq-p2f9-cfqv 38.0.0
2026-04-01T15:03:24.751284+00:00 PyPI Importer Affected by VCID-mqaz-y2xw-sya2 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T15:01:49.414733+00:00 PyPI Importer Affected by VCID-kxh2-721e-tyh2 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T15:01:49.241904+00:00 PyPI Importer Affected by VCID-cthk-b1bv-xfbk https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T15:01:49.074625+00:00 PyPI Importer Affected by VCID-92h1-h2vh-xyb6 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T15:00:11.778935+00:00 PyPI Importer Fixing VCID-7ae6-tssy-h7h4 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T13:04:13.091331+00:00 GithubOSV Importer Fixing VCID-7ae6-tssy-h7h4 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/01/GHSA-m9mq-p2f9-cfqv/GHSA-m9mq-p2f9-cfqv.json 38.0.0
2026-04-01T12:47:36.431856+00:00 GitLab Importer Fixing VCID-7ae6-tssy-h7h4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2018-7753.yml 38.0.0
2026-04-01T12:43:17.800066+00:00 Pypa Importer Affected by VCID-mqaz-y2xw-sya2 https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2021-865.yaml 38.0.0
2026-04-01T12:42:24.429667+00:00 Pypa Importer Affected by VCID-kxh2-721e-tyh2 https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2020-340.yaml 38.0.0
2026-04-01T12:42:24.336820+00:00 Pypa Importer Affected by VCID-cthk-b1bv-xfbk https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2020-28.yaml 38.0.0
2026-04-01T12:42:24.240676+00:00 Pypa Importer Affected by VCID-92h1-h2vh-xyb6 https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2020-27.yaml 38.0.0
2026-04-01T12:41:41.026851+00:00 Pypa Importer Fixing VCID-7ae6-tssy-h7h4 https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2018-51.yaml 38.0.0