VulnerableCode Package Details - pkg:pypi/bleach@3.1.4

Search for packages

Vulnerability	Summary	Fixed by
VCID-mqaz-y2xw-sya2 Aliases: CVE-2021-23980 GHSA-vv2x-vrpj-qqpq GMS-2021-168 PYSEC-2021-865	In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with strip_comments=False.	3.3.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-mqaz-y2xw-sya2
Aliases:
CVE-2021-23980
GHSA-vv2x-vrpj-qqpq
GMS-2021-168
PYSEC-2021-865

In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with strip_comments=False.

3.3.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-kxh2-721e-tyh2	In Mozilla Bleach before 3.1.4, `bleach.clean` behavior parsing style attributes could result in a regular expression denial of service (ReDoS).	CVE-2020-6817 GHSA-vqhp-cxgc-6wmm GMS-2020-698 PYSEC-2020-340 SNYK-PYTHON-BLEACH-561754

Vulnerability

Summary

Aliases

VCID-kxh2-721e-tyh2

In Mozilla Bleach before 3.1.4, `bleach.clean` behavior parsing style attributes could result in a regular expression denial of service (ReDoS).

CVE-2020-6817
GHSA-vqhp-cxgc-6wmm
GMS-2020-698
PYSEC-2020-340
SNYK-PYTHON-BLEACH-561754

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-29T19:54:34.052117+00:00	GitLab Importer	Affected by	VCID-mqaz-y2xw-sya2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml	38.5.0
2026-04-29T19:39:29.789761+00:00	GitLab Importer	Fixing	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.5.0
2026-04-16T21:16:46.430748+00:00	GitLab Importer	Affected by	VCID-mqaz-y2xw-sya2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml	38.4.0
2026-04-16T21:02:10.354266+00:00	GitLab Importer	Fixing	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.4.0
2026-04-11T22:28:56.477969+00:00	GitLab Importer	Affected by	VCID-mqaz-y2xw-sya2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml	38.3.0
2026-04-11T22:13:30.105160+00:00	GitLab Importer	Fixing	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.3.0
2026-04-02T22:40:31.646546+00:00	GitLab Importer	Affected by	VCID-mqaz-y2xw-sya2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2021-168.yml	38.1.0
2026-04-02T22:25:51.009390+00:00	GitLab Importer	Fixing	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.1.0
2026-04-02T12:36:34.987133+00:00	GitLab Importer	Fixing	VCID-kxh2-721e-tyh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bleach/GMS-2020-698.yml	38.0.0
2026-04-01T15:58:01.709525+00:00	GHSA Importer	Fixing	VCID-kxh2-721e-tyh2	https://github.com/advisories/GHSA-vqhp-cxgc-6wmm	38.0.0
2026-04-01T15:03:24.783528+00:00	PyPI Importer	Affected by	VCID-mqaz-y2xw-sya2	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.0.0
2026-04-01T15:01:49.447988+00:00	PyPI Importer	Fixing	VCID-kxh2-721e-tyh2	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.0.0
2026-04-01T13:00:14.740345+00:00	GithubOSV Importer	Fixing	VCID-kxh2-721e-tyh2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/03/GHSA-vqhp-cxgc-6wmm/GHSA-vqhp-cxgc-6wmm.json	38.0.0
2026-04-01T12:43:17.816427+00:00	Pypa Importer	Affected by	VCID-mqaz-y2xw-sya2	https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2021-865.yaml	38.0.0
2026-04-01T12:42:24.445394+00:00	Pypa Importer	Fixing	VCID-kxh2-721e-tyh2	https://github.com/pypa/advisory-database/blob/main/vulns/bleach/PYSEC-2020-340.yaml	38.0.0