Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/bleach@2.1
Typepypi
Namespace
Namebleach
Version2.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.3.0
Latest_non_vulnerable_version3.3.0
Affected_by_vulnerabilities
0
url VCID-9x8j-3x6q-yff3
vulnerability_id VCID-9x8j-3x6q-yff3
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23980.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23980.json
1
reference_url https://advisory.checkmarx.net/advisory/CX-2021-4303
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://advisory.checkmarx.net/advisory/CX-2021-4303
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23980
reference_id
reference_type
scores
0
value 0.00494
scoring_system epss
scoring_elements 0.66273
published_at 2026-06-12T12:55:00Z
1
value 0.00494
scoring_system epss
scoring_elements 0.66179
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23980
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1689399
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.mozilla.org/show_bug.cgi?id=1689399
4
reference_url https://cure53.de/fp170.pdf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cure53.de/fp170.pdf
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23980
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23980
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/mozilla/bleach
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach
8
reference_url https://github.com/mozilla/bleach/blob/79b7a3c5e56a09d1d323a5006afa59b56162eb13/CHANGES#L4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/blob/79b7a3c5e56a09d1d323a5006afa59b56162eb13/CHANGES#L4
9
reference_url https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2021-865.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2021-865.yaml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-23980
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-23980
12
reference_url https://pypi.org/project/bleach
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/bleach
13
reference_url https://pypi.org/project/bleach/
reference_id
reference_type
scores
url https://pypi.org/project/bleach/
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1925252
reference_id 1925252
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1925252
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986251
reference_id 986251
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986251
16
reference_url https://github.com/advisories/GHSA-vv2x-vrpj-qqpq
reference_id GHSA-vv2x-vrpj-qqpq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vv2x-vrpj-qqpq
17
reference_url https://github.com/mozilla/bleach/security/advisories/GHSA-vv2x-vrpj-qqpq
reference_id GHSA-vv2x-vrpj-qqpq
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T15:18:14Z/
url https://github.com/mozilla/bleach/security/advisories/GHSA-vv2x-vrpj-qqpq
18
reference_url https://access.redhat.com/errata/RHSA-2021:0781
reference_id RHSA-2021:0781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0781
19
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-23980
reference_id show_bug.cgi?id=CVE-2021-23980
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T15:18:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-23980
20
reference_url https://usn.ubuntu.com/8077-1/
reference_id USN-8077-1
reference_type
scores
url https://usn.ubuntu.com/8077-1/
fixed_packages
0
url pkg:pypi/bleach@3.3.0
purl pkg:pypi/bleach@3.3.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bleach@3.3.0
aliases CVE-2021-23980, GHSA-vv2x-vrpj-qqpq, GMS-2021-168, PYSEC-2021-865
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9x8j-3x6q-yff3
1
url VCID-djm9-sntt-4fbx
vulnerability_id VCID-djm9-sntt-4fbx
summary Bleach URI Scheme Restriction Bypass
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7753
reference_id
reference_type
scores
0
value 0.00511
scoring_system epss
scoring_elements 0.66898
published_at 2026-06-11T12:55:00Z
1
value 0.00511
scoring_system epss
scoring_elements 0.6699
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7753
1
reference_url https://bugs.debian.org/892252
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.debian.org/892252
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7753
3
reference_url https://github.com/mozilla/bleach
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach
4
reference_url https://github.com/mozilla/bleach/commit/c5df5789ec3471a31311f42c2d19fc2cf21b35ef
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/commit/c5df5789ec3471a31311f42c2d19fc2cf21b35ef
5
reference_url https://github.com/mozilla/bleach/releases/tag/v2.1.3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/releases/tag/v2.1.3
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2018-51.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2018-51.yaml
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892252
reference_id 892252
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892252
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7753
reference_id CVE-2018-7753
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-7753
9
reference_url https://github.com/advisories/GHSA-m9mq-p2f9-cfqv
reference_id GHSA-m9mq-p2f9-cfqv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m9mq-p2f9-cfqv
10
reference_url https://usn.ubuntu.com/8077-1/
reference_id USN-8077-1
reference_type
scores
url https://usn.ubuntu.com/8077-1/
fixed_packages
0
url pkg:pypi/bleach@2.1.3
purl pkg:pypi/bleach@2.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9x8j-3x6q-yff3
1
vulnerability VCID-j8sj-4ncd-2ffw
2
vulnerability VCID-nybz-zunt-9yg3
3
vulnerability VCID-sq3y-b33z-5fbb
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bleach@2.1.3
aliases CVE-2018-7753, GHSA-m9mq-p2f9-cfqv, PYSEC-2018-51
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djm9-sntt-4fbx
2
url VCID-j8sj-4ncd-2ffw
vulnerability_id VCID-j8sj-4ncd-2ffw
summary bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-6817
reference_id
reference_type
scores
0
value 0.00581
scoring_system epss
scoring_elements 0.69387
published_at 2026-06-11T12:55:00Z
1
value 0.00581
scoring_system epss
scoring_elements 0.69479
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-6817
1
reference_url https://blog.r2c.dev/posts/finding-python-redos-bugs-at-scale-using-dlint-and-r2c/
reference_id
reference_type
scores
url https://blog.r2c.dev/posts/finding-python-redos-bugs-at-scale-using-dlint-and-r2c/
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6817
3
reference_url https://github.com/mozilla/bleach
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach
4
reference_url https://github.com/mozilla/bleach/releases/tag/v3.1.4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/releases/tag/v3.1.4
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2020-340.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2020-340.yaml
6
reference_url https://snyk.io/vuln/SNYK-PYTHON-BLEACH-561754
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-PYTHON-BLEACH-561754
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955388
reference_id 955388
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955388
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-6817
reference_id CVE-2020-6817
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-6817
9
reference_url https://github.com/advisories/GHSA-vqhp-cxgc-6wmm
reference_id GHSA-vqhp-cxgc-6wmm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vqhp-cxgc-6wmm
10
reference_url https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm
reference_id GHSA-vqhp-cxgc-6wmm
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-19T15:21:19Z/
url https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm
11
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1623633
reference_id show_bug.cgi?id=1623633
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-19T15:21:19Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1623633
12
reference_url https://usn.ubuntu.com/8077-1/
reference_id USN-8077-1
reference_type
scores
url https://usn.ubuntu.com/8077-1/
fixed_packages
0
url pkg:pypi/bleach@3.1.4
purl pkg:pypi/bleach@3.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9x8j-3x6q-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bleach@3.1.4
aliases CVE-2020-6817, GHSA-vqhp-cxgc-6wmm, GMS-2020-698, PYSEC-2020-340, SNYK-PYTHON-BLEACH-561754
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j8sj-4ncd-2ffw
3
url VCID-nybz-zunt-9yg3
vulnerability_id VCID-nybz-zunt-9yg3
summary security update
references
0
reference_url https://advisory.checkmarx.net/advisory/CX-2020-4277
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://advisory.checkmarx.net/advisory/CX-2020-4277
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-6816
reference_id
reference_type
scores
0
value 0.00419
scoring_system epss
scoring_elements 0.62418
published_at 2026-06-12T12:55:00Z
1
value 0.00419
scoring_system epss
scoring_elements 0.62316
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-6816
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6816
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6816
3
reference_url https://github.com/mozilla/bleach
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach
4
reference_url https://github.com/mozilla/bleach/releases/tag/v3.1.2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/releases/tag/v3.1.2
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2020-28.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2020-28.yaml
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EDQU2SZLZMSSACCBUBJ6NOSRNNBDYFW5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EDQU2SZLZMSSACCBUBJ6NOSRNNBDYFW5
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EDQU2SZLZMSSACCBUBJ6NOSRNNBDYFW5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EDQU2SZLZMSSACCBUBJ6NOSRNNBDYFW5/
8
reference_url https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954236
reference_id 954236
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954236
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-6816
reference_id CVE-2020-6816
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-6816
11
reference_url https://github.com/advisories/GHSA-m6xf-fq7q-8743
reference_id GHSA-m6xf-fq7q-8743
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m6xf-fq7q-8743
12
reference_url https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743
reference_id GHSA-m6xf-fq7q-8743
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743
13
reference_url https://usn.ubuntu.com/8077-1/
reference_id USN-8077-1
reference_type
scores
url https://usn.ubuntu.com/8077-1/
fixed_packages
0
url pkg:pypi/bleach@3.1.2
purl pkg:pypi/bleach@3.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9x8j-3x6q-yff3
1
vulnerability VCID-j8sj-4ncd-2ffw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bleach@3.1.2
aliases CVE-2020-6816, GHSA-m6xf-fq7q-8743, PYSEC-2020-28
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nybz-zunt-9yg3
4
url VCID-sq3y-b33z-5fbb
vulnerability_id VCID-sq3y-b33z-5fbb
summary security update
references
0
reference_url https://advisory.checkmarx.net/advisory/CX-2020-4276
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://advisory.checkmarx.net/advisory/CX-2020-4276
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-6802
reference_id
reference_type
scores
0
value 0.00267
scoring_system epss
scoring_elements 0.50481
published_at 2026-06-11T12:55:00Z
1
value 0.00267
scoring_system epss
scoring_elements 0.50615
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-6802
2
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1615315
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.mozilla.org/show_bug.cgi?id=1615315
3
reference_url https://cure53.de/fp170.pdf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cure53.de/fp170.pdf
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6802
5
reference_url https://github.com/mozilla/bleach
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach
6
reference_url https://github.com/mozilla/bleach/commit/f77e0f6392177a06e46a49abd61a4d9f035e57fd
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/commit/f77e0f6392177a06e46a49abd61a4d9f035e57fd
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2020-27.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/bleach/PYSEC-2020-27.yaml
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/72R4VFFHDRSQMNT7IZU3X2755ZP4HGNI
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/72R4VFFHDRSQMNT7IZU3X2755ZP4HGNI
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/72R4VFFHDRSQMNT7IZU3X2755ZP4HGNI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/72R4VFFHDRSQMNT7IZU3X2755ZP4HGNI/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCNLM2MGQTOLCIVVYS2Z5S7KOQJR5JC4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCNLM2MGQTOLCIVVYS2Z5S7KOQJR5JC4
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCNLM2MGQTOLCIVVYS2Z5S7KOQJR5JC4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCNLM2MGQTOLCIVVYS2Z5S7KOQJR5JC4/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTULPQB7HVPPYWEYVNHJGDTSPVIDHIZX
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTULPQB7HVPPYWEYVNHJGDTSPVIDHIZX
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTULPQB7HVPPYWEYVNHJGDTSPVIDHIZX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTULPQB7HVPPYWEYVNHJGDTSPVIDHIZX/
14
reference_url https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951907
reference_id 951907
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951907
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-6802
reference_id CVE-2020-6802
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-6802
17
reference_url https://github.com/advisories/GHSA-q65m-pv3f-wr5r
reference_id GHSA-q65m-pv3f-wr5r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q65m-pv3f-wr5r
18
reference_url https://github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r
reference_id GHSA-q65m-pv3f-wr5r
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r
19
reference_url https://usn.ubuntu.com/8077-1/
reference_id USN-8077-1
reference_type
scores
url https://usn.ubuntu.com/8077-1/
fixed_packages
0
url pkg:pypi/bleach@3.1.1
purl pkg:pypi/bleach@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9x8j-3x6q-yff3
1
vulnerability VCID-j8sj-4ncd-2ffw
2
vulnerability VCID-nybz-zunt-9yg3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bleach@3.1.1
aliases CVE-2020-6802, GHSA-q65m-pv3f-wr5r, PYSEC-2020-27
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sq3y-b33z-5fbb
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/bleach@2.1