VulnerableCode Package Details - pkg:pypi/bleach@3.1.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-kxh2-721e-tyh2 Aliases: CVE-2020-6817 GHSA-vqhp-cxgc-6wmm GMS-2020-698 PYSEC-2020-340 SNYK-PYTHON-BLEACH-561754	In Mozilla Bleach before 3.1.4, `bleach.clean` behavior parsing style attributes could result in a regular expression denial of service (ReDoS).	3.1.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-mqaz-y2xw-sya2 Aliases: CVE-2021-23980 GHSA-vv2x-vrpj-qqpq GMS-2021-168 PYSEC-2021-865	In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with strip_comments=False.	3.3.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-kxh2-721e-tyh2
Aliases:
CVE-2020-6817
GHSA-vqhp-cxgc-6wmm
GMS-2020-698
PYSEC-2020-340
SNYK-PYTHON-BLEACH-561754

In Mozilla Bleach before 3.1.4, `bleach.clean` behavior parsing style attributes could result in a regular expression denial of service (ReDoS).

3.1.4
Affected by 1 other vulnerability.

VCID-mqaz-y2xw-sya2
Aliases:
CVE-2021-23980
GHSA-vv2x-vrpj-qqpq
GMS-2021-168
PYSEC-2021-865

In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with strip_comments=False.

3.3.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-cthk-b1bv-xfbk	In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.	CVE-2020-6816 GHSA-m6xf-fq7q-8743 PYSEC-2020-28

Vulnerability

Summary

Aliases

VCID-cthk-b1bv-xfbk

In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.

CVE-2020-6816
GHSA-m6xf-fq7q-8743
PYSEC-2020-28

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-29T19:54:34.045529+00:00	GitLab Importer	Affected by	VCID-mqaz-y2xw-sya2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml	38.5.0
2026-04-29T19:39:29.782928+00:00	GitLab Importer	Affected by	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.5.0
2026-04-29T19:39:15.954030+00:00	GitLab Importer	Fixing	VCID-cthk-b1bv-xfbk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml	38.5.0
2026-04-16T21:16:46.423993+00:00	GitLab Importer	Affected by	VCID-mqaz-y2xw-sya2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml	38.4.0
2026-04-16T21:02:10.347894+00:00	GitLab Importer	Affected by	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.4.0
2026-04-16T21:01:58.061061+00:00	GitLab Importer	Fixing	VCID-cthk-b1bv-xfbk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml	38.4.0
2026-04-11T22:28:56.470570+00:00	GitLab Importer	Affected by	VCID-mqaz-y2xw-sya2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml	38.3.0
2026-04-11T22:13:30.097326+00:00	GitLab Importer	Affected by	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.3.0
2026-04-11T22:13:16.113885+00:00	GitLab Importer	Fixing	VCID-cthk-b1bv-xfbk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml	38.3.0
2026-04-02T22:40:31.639763+00:00	GitLab Importer	Affected by	VCID-mqaz-y2xw-sya2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml	38.1.0
2026-04-02T22:25:51.002938+00:00	GitLab Importer	Affected by	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.1.0
2026-04-02T22:25:37.936383+00:00	GitLab Importer	Fixing	VCID-cthk-b1bv-xfbk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml	38.1.0
2026-04-01T16:43:33.763150+00:00	GitLab Importer	Fixing	VCID-cthk-b1bv-xfbk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/CVE-2020-6816.yml	38.0.0
2026-04-01T15:58:01.443990+00:00	GHSA Importer	Fixing	VCID-cthk-b1bv-xfbk	https://github.com/advisories/GHSA-m6xf-fq7q-8743	38.0.0
2026-04-01T15:03:24.776362+00:00	PyPI Importer	Affected by	VCID-mqaz-y2xw-sya2	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.0.0
2026-04-01T15:01:49.440788+00:00	PyPI Importer	Affected by	VCID-kxh2-721e-tyh2	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.0.0
2026-04-01T15:01:49.265859+00:00	PyPI Importer	Fixing	VCID-cthk-b1bv-xfbk	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.0.0
2026-04-01T13:00:16.037795+00:00	GithubOSV Importer	Fixing	VCID-cthk-b1bv-xfbk	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/03/GHSA-m6xf-fq7q-8743/GHSA-m6xf-fq7q-8743.json	38.0.0
2026-04-01T12:43:17.812808+00:00	Pypa Importer	Affected by	VCID-mqaz-y2xw-sya2	https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2021-865.yaml	38.0.0
2026-04-01T12:42:24.440787+00:00	Pypa Importer	Affected by	VCID-kxh2-721e-tyh2	https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2020-340.yaml	38.0.0
2026-04-01T12:42:24.350926+00:00	Pypa Importer	Fixing	VCID-cthk-b1bv-xfbk	https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2020-28.yaml	38.0.0