Package details: pkg:pypi/justhtml@1.16.0
purl pkg:pypi/justhtml@1.16.0
Next non-vulnerable version 1.18.0
Latest non-vulnerable version 1.18.0
Risk 3.1
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-pe3n-8tcx-5bb5
Aliases:
GHSA-vrx2-77f2-ww34
justhtml has sanitization bypass in custom policies and programmatic DOM

## Summary

`justhtml` `1.17.0` fixes multiple security issues in sanitization, serialization, and programmatic DOM handling. Most of these issues affected advanced or custom configurations rather than the default safe path.

## Affected versions

- `justhtml` `<= 1.16.0`

## Fixed version

- `justhtml` `1.17.0` released on April 19, 2026

## Impact

### Custom SVG / MathML sanitization policies

Custom policies that preserved foreign namespaces could allow dangerous content to survive sanitization, including:

- active HTML integration points such as SVG `<foreignObject>`, MathML `<annotation-xml encoding="text/html">`, SVG `<title>` / `<desc>`, and MathML text integration points
- mutation-XSS parser-differential payloads that looked inert in memory but became active HTML after reparse
- SVG `filter="url(...)"` attributes that could trigger external fetches

These issues affected:

- `JustHTML(..., sanitize=True)` with custom foreign-namespace policies
- `sanitize()` / `sanitize_dom()`
- low-level terminal `Sanitize(...)` transform execution

### Preserved `<style>` handling

Constructor-time sanitization and explicit `Sanitize(...)` transforms did not fully match `sanitize()` / `sanitize_dom()` when custom policies preserved `<style>`. That could leave resource-loading CSS such as `@import` or `background-image:url(...)` in sanitized output from HTML string input.

### Programmatic DOM serialization

Programmatic `script`, `style`, and `Comment(...)` nodes could still serialize into active markup in some edge cases. This could affect applications that build or mutate DOM trees directly before calling `to_html()` or `to_markdown(html_passthrough=True)`.

### Cache mutation and DOM cycle handling

Two lower-severity hardening fixes were included:

- compiled sanitize-pipeline caches could be mutated after warming and weaken later sanitization
- parent/child cycles in programmatic DOM trees could cause infinite loops in operations such as `to_html()` and `sanitize_dom()`

## Default configuration

Most of the issues above did **not** affect ordinary parsed HTML with the default `JustHTML(..., sanitize=True)` configuration. The main risk areas were:

- custom policies that preserve SVG or MathML
- custom policies that preserve `<style>`
- programmatic DOM construction or mutation
- low-level direct sanitizer/transform APIs

## Recommended action

Upgrade to `justhtml` `1.17.0`. If users cannot upgrade immediately:

- avoid preserving SVG or MathML for untrusted input
- avoid preserving `<style>` for untrusted input
- avoid mutating programmatic DOM trees with untrusted `script`, `style`, or comment content
- avoid mutating warmed policy internals or sanitizer caches

## Credit

Discovered during an internal security review of `justhtml`.
1.17.0
Affected by 1 other vulnerability.
VCID-ze6z-2zm7-rud9
Aliases:
GHSA-r8cj-3554-33mr
justhtml introduces denial-of-service hardening

## Summary

`justhtml` `1.18.0` fixes multiple low-severity denial-of-service hardening issues in CSS selector handling and linkification. These issues are availability concerns. They do not allow script execution, data disclosure, or sanitizer bypass by themselves.

## Affected versions

- `justhtml` `< 1.18.0`

## Fixed version

- `justhtml` `1.18.0` released on May 4, 2026

## Impact

### CSS selector handling

Applications that evaluate attacker-controlled selector strings, or that run selector-based transform pipelines over attacker-controlled documents, could consume disproportionate CPU or memory. The affected selector patterns included oversized selectors, large selector lists, oversized compound selectors, long combinator chains, deeply nested functional pseudo-classes such as `:not(...)`, repeated attribute/class token matching over large values, repeated sibling or ancestor scans, repeated positional pseudo-class work, and `:contains(...)` over large descendant text.

Programmatically constructed malformed DOM graphs could also trigger non-terminating or duplicate traversal in some selector paths, including cyclic/shared child graphs, cyclic parent chains, and cyclic text traversal for `:contains(...)`.

### Linkification

Attacker-controlled text containing punctuation-heavy input or URL candidates ending in long runs of unmatched closing brackets could cause repeated rescanning and consume disproportionate CPU when linkification was enabled.

## Default configuration

Ordinary sanitization of parsed HTML with the default `JustHTML(..., sanitize=True)` configuration is not expected to expose untrusted users to selector injection, because selectors are normally supplied by application code.

The main risk areas are:

- applications that accept selector strings from untrusted users and pass them to `query(...)`, `matches(...)`, or selector-based transforms
- custom transform or sanitization pipelines that run selector matching over very large untrusted documents
- applications that construct or mutate DOM trees programmatically from untrusted structure
- applications that enable `Linkify(...)` over attacker-controlled text

## Fixes in 1.18.0

`1.18.0` adds generalized selector resource controls and removes several repeated-work hot paths:

- shared selector limits for parse and match operations
- structural caps for selector length, selector lists, compound selectors, complex selectors, and parse depth
- match-operation and string-byte budgets
- per-query matcher state for caches and cycle guards
- precomputed or cached ancestor, sibling, positional, attribute-token, text-content, `:not(...)`, `:empty`, and `:nth-child(...)` work
- consistent enforcement across public parsing, `query(...)`, tag-only query fast paths, transform selector compilation, and sanitization transform matching
- linkification hardening for punctuation-heavy inputs and trailing bracket trimming

## CWE mapping

- CWE-400: Uncontrolled Resource Consumption
- CWE-407: Inefficient Algorithmic Complexity
- CWE-835: Loop with Unreachable Exit Condition

## Recommended action

Upgrade to `justhtml` `1.18.0`. If users cannot upgrade immediately:

- do not pass untrusted selector strings to `query(...)`, `matches(...)`, or selector-based transforms
- restrict the size of untrusted documents before selector matching or linkification
- avoid constructing programmatic DOM graphs from untrusted structure
- avoid enabling `Linkify(...)` on very large attacker-controlled text

## Credit

Discovered during an internal security review of `justhtml`.
1.18.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-7efv-ez9t-cyh9

Multiple security fixes in justhtml

## Summary

`justhtml` `1.16.0` fixes multiple security issues in sanitization, serialization, and programmatic DOM handling. Most of these issues affected one of these advanced paths rather than ordinary parsed HTML with the default safe settings:

- programmatic DOM input to `sanitize()` or `sanitize_dom()`
- reused or mutated sanitization policy objects
- custom policies that preserve foreign namespaces such as SVG or MathML

## Affected versions

- `justhtml` `<= 1.15.0`

## Fixed version

- `justhtml` `1.16.0` released on April 12, 2026

## Impact

### Policy reuse and mutation

Nested mutation of sanitization policy internals could weaken later sanitization by leaving stale compiled sanitizers active, or by mutating exported default policy internals process-wide.

### In-memory sanitization gaps

Programmatic DOM sanitization could miss dangerous mixed-case tag names such as `ScRiPt` or `StYlE`, and custom `drop_content_tags` values such as `{"SCRIPT"}` could silently fail to drop dangerous subtrees.

### Serialization injection

Crafted programmatic doctype names could serialize into active markup before the document body.

### Foreign-namespace policy bypasses

Custom policies that preserve SVG or MathML could allow active SVG features to survive sanitization, including:

- animation elements such as `<set>` and `<animate>` that mutate already-sanitized attributes after sanitization
- presentation attributes such as `fill`, `clip-path`, `mask`, `marker-start`, and `cursor` containing external `url(...)` references
- programmatic DOM trees that claim `namespace="html"` but serialize as `<svg>` or `<math>`, bypassing foreign-content checks

### Rawtext hardening gap

Mixed-case programmatic `style` or `script` nodes could bypass rawtext hardening and preserve active stylesheet content such as remote `@import` rules.

## Default configuration

Most of these issues did **not** affect the normal `JustHTML(..., sanitize=True)` path for ordinary parsed HTML. The main exceptions were policy-mutation issues, which could weaken later sanitization if code mutated nested state on reused policy objects or exported defaults.

## Recommended action

Upgrade to `justhtml` `1.16.0`. If you cannot upgrade immediately:

- do not mutate `DEFAULT_POLICY`, `DEFAULT_DOCUMENT_POLICY`, or nested policy internals
- avoid reusing policy objects after mutating nested state
- avoid preserving SVG or MathML for untrusted input
- avoid preserving `style` or `script` in custom policies for untrusted input
- avoid serializing untrusted programmatic doctypes or DOM trees

## Credit

Discovered during an internal security review of `justhtml`.

Aliases:
GHSA-4p64-v8f5-r2gx
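The three advisories above each state an affected range and a fixed version. The following is an added example (not VulnerableCode's or justhtml's own code) showing how a dependency check would evaluate the purl at the top of this page against those ranges and derive the "Affected by" / "Fixing" relationships and the next non-vulnerable version. It assumes plain dotted release versions and a simple numeric-tuple comparison rather than full PEP 440 semantics, and it assumes "next non-vulnerable version" means the highest fixed version among the advisories that still affect the pinned release.

```python
"""Evaluate a PyPI purl against the justhtml advisory ranges on this page.

Added example, not part of VulnerableCode or justhtml. Version comparison is a
plain numeric-tuple comparison (assumption: release-style versions only), which
is sufficient for the versions listed in these advisories.
"""
import re
from typing import NamedTuple


class Advisory(NamedTuple):
    vcid: str
    alias: str
    affected: str   # constraint exactly as the advisory states it, e.g. "<= 1.16.0"
    fixed_in: str


# Ranges transcribed from the three advisories on this page.
ADVISORIES = [
    Advisory("VCID-pe3n-8tcx-5bb5", "GHSA-vrx2-77f2-ww34", "<= 1.16.0", "1.17.0"),
    Advisory("VCID-ze6z-2zm7-rud9", "GHSA-r8cj-3554-33mr", "< 1.18.0", "1.18.0"),
    Advisory("VCID-7efv-ez9t-cyh9", "GHSA-4p64-v8f5-r2gx", "<= 1.15.0", "1.16.0"),
]

# Minimal purl shape handled here: pkg:<type>/<name>@<version> (no namespace/qualifiers).
PURL_RE = re.compile(r"^pkg:(?P<type>[^/]+)/(?P<name>[^@/]+)@(?P<version>[^?#]+)$")
CONSTRAINT_RE = re.compile(r"^(<=|>=|==|<|>)\s*(\S+)$")


def parse_purl(purl):
    """Split a simple purl into (type, name, version); reject anything else."""
    m = PURL_RE.match(purl)
    if not m:
        raise ValueError(f"unsupported purl: {purl}")
    return m["type"], m["name"], m["version"]


def version_key(version):
    """Turn '1.16.0' into (1, 16, 0) so tuples compare numerically, not lexically."""
    if not re.fullmatch(r"\d+(\.\d+)*", version):
        raise ValueError(f"only dotted release versions are supported: {version}")
    return tuple(int(part) for part in version.split("."))


def satisfies(version, constraint):
    """True when `version` falls inside a single-operator constraint such as '< 1.18.0'."""
    m = CONSTRAINT_RE.match(constraint)
    if not m:
        raise ValueError(f"unsupported constraint: {constraint}")
    op, bound = m.groups()
    have, want = version_key(version), version_key(bound)
    return {
        "<": have < want,
        "<=": have <= want,
        ">": have > want,
        ">=": have >= want,
        "==": have == want,
    }[op]


def assess(purl):
    """Report which advisories affect the pinned version and which it fixes."""
    ptype, name, version = parse_purl(purl)
    if (ptype, name) != ("pypi", "justhtml"):
        return {"affected_by": [], "fixes": [], "next_non_vulnerable": None}
    affected = [a for a in ADVISORIES if satisfies(version, a.affected)]
    fixes = [a for a in ADVISORIES if a.fixed_in == version]
    # Assumption: the next safe release is the highest fix version among the
    # advisories that still apply to this pin (None when nothing applies).
    next_safe = max((a.fixed_in for a in affected), key=version_key, default=None)
    return {
        "affected_by": [a.vcid for a in affected],
        "fixes": [a.vcid for a in fixes],
        "next_non_vulnerable": next_safe,
    }


if __name__ == "__main__":
    for purl in ("pkg:pypi/justhtml@1.16.0", "pkg:pypi/justhtml@1.17.0", "pkg:pypi/justhtml@1.18.0"):
        print(purl, assess(purl))
```

For `pkg:pypi/justhtml@1.16.0` the result matches the page: affected by VCID-pe3n-8tcx-5bb5 and VCID-ze6z-2zm7-rud9, fixing VCID-7efv-ez9t-cyh9, with 1.18.0 as the next non-vulnerable version. Versions with pre-release or post-release suffixes are rejected rather than mis-ordered; a real checker should use a PEP 440 implementation for those.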

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-13T06:29:11.202809+00:00 | GHSA Importer | Fixing | VCID-7efv-ez9t-cyh9 | https://github.com/advisories/GHSA-4p64-v8f5-r2gx | 38.6.0 |
| 2026-06-12T22:25:11.543625+00:00 | GitLab Importer | Affected by | VCID-ze6z-2zm7-rud9 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/justhtml/GHSA-r8cj-3554-33mr.yml | 38.6.0 |
| 2026-06-12T22:11:57.922959+00:00 | GitLab Importer | Affected by | VCID-pe3n-8tcx-5bb5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/justhtml/GHSA-vrx2-77f2-ww34.yml | 38.6.0 |
| 2026-06-12T22:04:27.644566+00:00 | GitLab Importer | Fixing | VCID-7efv-ez9t-cyh9 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/justhtml/GHSA-4p64-v8f5-r2gx.yml | 38.6.0 |
| 2026-06-12T07:45:16.299638+00:00 | GithubOSV Importer | Fixing | VCID-7efv-ez9t-cyh9 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/04/GHSA-4p64-v8f5-r2gx/GHSA-4p64-v8f5-r2gx.json | 38.6.0 |