{"url":"http://public2.vulnerablecode.io/api/packages/373332?format=json","purl":"pkg:pypi/justhtml@1.16.0","type":"pypi","namespace":"","name":"justhtml","version":"1.16.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.18.0","latest_non_vulnerable_version":"1.18.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359816?format=json","vulnerability_id":"VCID-pe3n-8tcx-5bb5","summary":"justhtml has sanitization bypass in custom policies and programmatic DOM\n## Summary\n\n`justhtml` `1.17.0` fixes multiple security issues in sanitization, serialization, and programmatic DOM handling.\n\nMost of these issues affected advanced or custom configurations rather than the default safe path.\n\n## Affected versions\n\n- `justhtml` `<= 1.16.0`\n\n## Fixed version\n\n- `justhtml` `1.17.0` released on April 19, 2026\n\n## Impact\n\n### Custom SVG / MathML sanitization policies\nCustom policies that preserved foreign namespaces could allow dangerous content to survive sanitization, including:\n\n- active HTML integration points such as SVG `<foreignObject>`, MathML `<annotation-xml encoding=\"text/html\">`, SVG `<title>` / `<desc>`, and MathML text integration points\n- mutation-XSS parser-differential payloads that looked inert in memory but became active HTML after reparse\n- SVG `filter=\"url(...)\"` attributes that could trigger external fetches\n\nThese issues affected:\n- `JustHTML(..., sanitize=True)` with custom foreign-namespace policies\n- `sanitize()` / `sanitize_dom()`\n- low-level terminal `Sanitize(...)` transform execution\n\n### Preserved `<style>` handling\nConstructor-time sanitization and explicit `Sanitize(...)` transforms did not fully match `sanitize()` / `sanitize_dom()` when custom policies preserved `<style>`.\n\nThat could leave resource-loading CSS such as `@import` or `background-image:url(...)` in sanitized output from HTML string input.\n\n### Programmatic DOM 
serialization\nProgrammatic `script`, `style`, and `Comment(...)` nodes could still serialize into active markup in some edge cases.\n\nThis could affect applications that build or mutate DOM trees directly before calling `to_html()` or `to_markdown(html_passthrough=True)`.\n\n### Cache mutation and DOM cycle handling\nTwo lower-severity hardening fixes were included:\n\n- compiled sanitize-pipeline caches could be mutated after warming and weaken later sanitization\n- parent/child cycles in programmatic DOM trees could cause infinite loops in operations such as `to_html()` and `sanitize_dom()`\n\n## Default configuration\n\nMost of the issues above did **not** affect ordinary parsed HTML with the default `JustHTML(..., sanitize=True)` configuration.\n\nThe main risk areas were:\n\n- custom policies that preserve SVG or MathML\n- custom policies that preserve `<style>`\n- programmatic DOM construction or mutation\n- low-level direct sanitizer/transform APIs\n\n## Recommended action\n\nUpgrade to `justhtml` `1.17.0`.\n\nIf users cannot upgrade immediately:\n\n- avoid preserving SVG or MathML for untrusted input\n- avoid preserving `<style>` for untrusted input\n- avoid mutating programmatic DOM trees with untrusted `script`, `style`, or comment content\n- avoid mutating warmed policy internals or sanitizer caches\n\n## Credit\n\nDiscovered during an internal security review of 
`justhtml`.","references":[{"reference_url":"https://github.com/EmilStenstrom/justhtml","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/EmilStenstrom/justhtml"},{"reference_url":"https://github.com/EmilStenstrom/justhtml/security/advisories/GHSA-vrx2-77f2-ww34","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/EmilStenstrom/justhtml/security/advisories/GHSA-vrx2-77f2-ww34"},{"reference_url":"https://github.com/advisories/GHSA-vrx2-77f2-ww34","reference_id":"GHSA-vrx2-77f2-ww34","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vrx2-77f2-ww34"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373653?format=json","purl":"pkg:pypi/justhtml@1.17.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ze6z-2zm7-rud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/justhtml@1.17.0"}],"aliases":["GHSA-vrx2-77f2-ww34"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pe3n-8tcx-5bb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360278?format=json","vulnerability_id":"VCID-ze6z-2zm7-rud9","summary":"justhtml introduces denial-of-service hardening\n## Summary\n\n`justhtml` `1.18.0` fixes multiple low-severity denial-of-service hardening issues in CSS selector handling and linkification.\n\nThese issues are availability concerns. 
They do not allow script execution, data disclosure, or sanitizer bypass by themselves.\n\n## Affected versions\n\n- `justhtml` `< 1.18.0`\n\n## Fixed version\n\n- `justhtml` `1.18.0` released on May 4, 2026\n\n## Impact\n\n### CSS selector handling\n\nApplications that evaluate attacker-controlled selector strings, or that run selector-based transform pipelines over attacker-controlled documents, could consume disproportionate CPU or memory.\n\nThe affected selector patterns included oversized selectors, large selector lists, oversized compound selectors, long combinator chains, deeply nested functional pseudo-classes such as `:not(...)`, repeated attribute/class token matching over large values, repeated sibling or ancestor scans, repeated positional pseudo-class work, and `:contains(...)` over large descendant text.\n\nProgrammatically constructed malformed DOM graphs could also trigger non-terminating or duplicate traversal in some selector paths, including cyclic/shared child graphs, cyclic parent chains, and cyclic text traversal for `:contains(...)`.\n\n### Linkification\n\nAttacker-controlled text containing punctuation-heavy input or URL candidates ending in long runs of unmatched closing brackets could cause repeated rescanning and consume disproportionate CPU when linkification was enabled.\n\n## Default configuration\n\nOrdinary sanitization of parsed HTML with the default `JustHTML(..., sanitize=True)` configuration is not expected to expose untrusted users to selector injection, because selectors are normally supplied by application code.\n\nThe main risk areas are:\n\n- applications that accept selector strings from untrusted users and pass them to `query(...)`, `matches(...)`, or selector-based transforms\n- custom transform or sanitization pipelines that run selector matching over very large untrusted documents\n- applications that construct or mutate DOM trees programmatically from untrusted structure\n- applications that enable `Linkify(...)` 
over attacker-controlled text\n\n## Fixes in 1.18.0\n\n`1.18.0` adds generalized selector resource controls and removes several repeated-work hot paths:\n\n- shared selector limits for parse and match operations\n- structural caps for selector length, selector lists, compound selectors, complex selectors, and parse depth\n- match-operation and string-byte budgets\n- per-query matcher state for caches and cycle guards\n- precomputed or cached ancestor, sibling, positional, attribute-token, text-content, `:not(...)`, `:empty`, and `:nth-child(...)` work\n- consistent enforcement across public parsing, `query(...)`, tag-only query fast paths, transform selector compilation, and sanitization transform matching\n- linkification hardening for punctuation-heavy inputs and trailing bracket trimming\n\n## CWE mapping\n\n- CWE-400: Uncontrolled Resource Consumption\n- CWE-407: Inefficient Algorithmic Complexity\n- CWE-835: Loop with Unreachable Exit Condition\n\n## Recommended action\n\nUpgrade to `justhtml` `1.18.0`.\n\nIf users cannot upgrade immediately:\n\n- do not pass untrusted selector strings to `query(...)`, `matches(...)`, or selector-based transforms\n- restrict the size of untrusted documents before selector matching or linkification\n- avoid constructing programmatic DOM graphs from untrusted structure\n- avoid enabling `Linkify(...)` on very large attacker-controlled text\n\n## Credit\n\nDiscovered during an internal security review of 
`justhtml`.","references":[{"reference_url":"https://github.com/EmilStenstrom/justhtml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/EmilStenstrom/justhtml"},{"reference_url":"https://github.com/EmilStenstrom/justhtml/security/advisories/GHSA-r8cj-3554-33mr","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/EmilStenstrom/justhtml/security/advisories/GHSA-r8cj-3554-33mr"},{"reference_url":"https://github.com/advisories/GHSA-r8cj-3554-33mr","reference_id":"GHSA-r8cj-3554-33mr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-r8cj-3554-33mr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375450?format=json","purl":"pkg:pypi/justhtml@1.18.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/justhtml@1.18.0"}],"aliases":["GHSA-r8cj-3554-33mr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ze6z-2zm7-rud9"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359767?format=json","vulnerability_id":"VCID-7efv-ez9t-cyh9","summary":"Multiple security fixes in justhtml\n## Summary\n\n`justhtml` `1.16.0` fixes multiple security issues in sanitization, serialization, and programmatic DOM handling.\n\nMost of these issues affected one of these advanced paths rather than ordinary parsed HTML with the default safe settings:\n\n- programmatic DOM input to `sanitize()` or `sanitize_dom()`\n- reused or mutated sanitization policy objects\n- custom policies that preserve foreign namespaces such as SVG or MathML\n\n## Affected versions\n\n- `justhtml` `<= 1.15.0`\n\n## Fixed version\n\n- `justhtml` `1.16.0` released on April 12, 2026\n\n## 
Impact\n\n### Policy reuse and mutation\nNested mutation of sanitization policy internals could weaken later sanitization by leaving stale compiled sanitizers active, or by mutating exported default policy internals process-wide.\n\n### In-memory sanitization gaps\nProgrammatic DOM sanitization could miss dangerous mixed-case tag names such as `ScRiPt` or `StYlE`, and custom `drop_content_tags` values such as `{\"SCRIPT\"}` could silently fail to drop dangerous subtrees.\n\n### Serialization injection\nCrafted programmatic doctype names could serialize into active markup before the document body.\n\n### Foreign-namespace policy bypasses\nCustom policies that preserve SVG or MathML could allow active SVG features to survive sanitization, including:\n\n- animation elements such as `<set>` and `<animate>` that mutate already-sanitized attributes after sanitization\n- presentation attributes such as `fill`, `clip-path`, `mask`, `marker-start`, and `cursor` containing external `url(...)` references\n- programmatic DOM trees that claim `namespace=\"html\"` but serialize as `<svg>` or `<math>`, bypassing foreign-content checks\n\n### Rawtext hardening gap\nMixed-case programmatic `style` or `script` nodes could bypass rawtext hardening and preserve active stylesheet content such as remote `@import` rules.\n\n## Default configuration\n\nMost of these issues did **not** affect the normal `JustHTML(..., sanitize=True)` path for ordinary parsed HTML.\n\nThe main exceptions were policy-mutation issues, which could weaken later sanitization if code mutated nested state on reused policy objects or exported defaults.\n\n## Recommended action\n\nUpgrade to `justhtml` `1.16.0`.\n\nIf you cannot upgrade immediately:\n\n- do not mutate `DEFAULT_POLICY`, `DEFAULT_DOCUMENT_POLICY`, or nested policy internals\n- avoid reusing policy objects after mutating nested state\n- avoid preserving SVG or MathML for untrusted input\n- avoid preserving `style` or `script` in custom policies for 
untrusted input\n- avoid serializing untrusted programmatic doctypes or DOM trees\n\n## Credit\n\nDiscovered during an internal security review of `justhtml`.","references":[{"reference_url":"https://github.com/EmilStenstrom/justhtml","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/EmilStenstrom/justhtml"},{"reference_url":"https://github.com/EmilStenstrom/justhtml/security/advisories/GHSA-4p64-v8f5-r2gx","reference_id":"","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/EmilStenstrom/justhtml/security/advisories/GHSA-4p64-v8f5-r2gx"},{"reference_url":"https://github.com/advisories/GHSA-4p64-v8f5-r2gx","reference_id":"GHSA-4p64-v8f5-r2gx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4p64-v8f5-r2gx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373332?format=json","purl":"pkg:pypi/justhtml@1.16.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pe3n-8tcx-5bb5"},{"vulnerability":"VCID-ze6z-2zm7-rud9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/justhtml@1.16.0"}],"aliases":["GHSA-4p64-v8f5-r2gx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7efv-ez9t-cyh9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/justhtml@1.16.0"}
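The record above reports `is_vulnerable: true` and `next_non_vulnerable_version: "1.18.0"` for `pkg:pypi/justhtml@1.16.0`, but it does not show how those fields follow from the three advisories it embeds. The Python below is an added example written for this page, not code from VulnerableCode or the justhtml project. It transcribes the affected ranges and fixed versions from the advisory summaries (`<= 1.16.0` fixed in 1.17.0, `< 1.18.0` fixed in 1.18.0, `<= 1.15.0` fixed in 1.16.0); the API record itself carries no explicit range data, so that transcription is an assumption. The helper names `triage`, `affecting` and `next_non_vulnerable` are this example's own, and the integer-tuple version comparison is only adequate because justhtml uses plain `major.minor.patch` releases here; a real pipeline should use `packaging.version`.

```python
"""Recompute VulnerableCode-style package triage from advisory ranges.

Added example for this page (not VulnerableCode's or justhtml's own code).
The ADVISORIES table is constructed from the three advisory summaries in the
record above; the ranges are transcribed from their "Affected versions"
sections, which is an assumption since the API record lists no ranges.
"""
import re

# Constructed from the record above: VCID, GHSA alias, affected range, fix.
ADVISORIES = [
    {"vcid": "VCID-pe3n-8tcx-5bb5", "alias": "GHSA-vrx2-77f2-ww34",
     "affected": "<=1.16.0", "fixed": "1.17.0", "severity": "MODERATE"},
    {"vcid": "VCID-ze6z-2zm7-rud9", "alias": "GHSA-r8cj-3554-33mr",
     "affected": "<1.18.0", "fixed": "1.18.0", "severity": "LOW"},
    {"vcid": "VCID-7efv-ez9t-cyh9", "alias": "GHSA-4p64-v8f5-r2gx",
     "affected": "<=1.15.0", "fixed": "1.16.0", "severity": "LOW"},
]


def parse_version(v):
    """'1.16.0' -> (1, 16, 0). Only plain release segments are supported."""
    return tuple(int(part) for part in v.split("."))


def parse_purl(purl):
    """Split a purl such as pkg:pypi/justhtml@1.16.0 into (type, name, version)."""
    m = re.fullmatch(r"pkg:([^/]+)/([^@]+)@([0-9.]+)", purl)
    if not m:
        raise ValueError(f"unsupported purl: {purl}")
    return m.group(1), m.group(2), m.group(3)


def in_range(version, spec):
    """True when `version` satisfies a '<X' or '<=X' upper-bound spec."""
    m = re.fullmatch(r"(<=|<)\s*([0-9.]+)", spec)
    if not m:
        raise ValueError(f"unsupported range spec: {spec}")
    op, bound = m.group(1), parse_version(m.group(2))
    v = parse_version(version)
    return v <= bound if op == "<=" else v < bound


def affecting(version, advisories=ADVISORIES):
    """Advisories whose affected range still covers `version`."""
    return [a for a in advisories if in_range(version, a["affected"])]


def next_non_vulnerable(version, advisories=ADVISORIES):
    """Smallest fixed version >= `version` that no advisory still covers.

    Walking the fixed versions in order is what makes 1.17.0 insufficient for
    1.16.0 here: it closes GHSA-vrx2 but is itself still inside '<1.18.0'.
    """
    candidates = sorted({a["fixed"] for a in advisories}, key=parse_version)
    for c in candidates:
        if parse_version(c) >= parse_version(version) and not affecting(c, advisories):
            return c
    return None


def triage(purl, advisories=ADVISORIES):
    """Produce the fields a VulnerableCode package record exposes for `purl`."""
    _, name, version = parse_purl(purl)
    hits = affecting(version, advisories)
    return {
        "name": name,
        "version": version,
        "is_vulnerable": bool(hits),
        "vulnerabilities": [a["vcid"] for a in hits],
        "aliases": [a["alias"] for a in hits],
        "next_non_vulnerable_version": next_non_vulnerable(version, advisories),
    }


if __name__ == "__main__":
    for purl in ("pkg:pypi/justhtml@1.15.0", "pkg:pypi/justhtml@1.16.0",
                 "pkg:pypi/justhtml@1.17.0", "pkg:pypi/justhtml@1.18.0"):
        print(triage(purl))
```

Running it reproduces the record: 1.16.0 is affected by VCID-pe3n-8tcx-5bb5 and VCID-ze6z-2zm7-rud9 and the first safe release is 1.18.0, while 1.17.0 is still affected by the denial-of-service advisory alone, which is why the `fixed_packages` entry for 1.17.0 above is itself marked `is_vulnerable`.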