Alerts This Week
Warning Icon 1 1,111
Alerts This Week
Warning Icon 1 1,111

Debian: DSA-4636-1 High Severity: Python-Bleach Mutation XSS Risk

debian
Calendar Grey February 28, 2020
Debian Logo
Ubuntu Security Notice USN-4523-1 for python-bleach resolves a reflected XSS vulnerability associated with incorrect tag sanitization.
It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when 'noscript' and one or more raw text tag...

Summary

For the stable distribution (buster), this problem has been fixed in
version 3.1.1-0+deb10u1.

We recommend that you upgrade your python-bleach packages.

For the detailed security status of python-bleach please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/source-package/python-bleach

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Package: python-bleach
CVE ID: CVE-2020-6802

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here