EPSS: 0.001 (Low), percentile 29.7%
bleach is vulnerable to regular expression denial of service (ReDoS). The vulnerability exists when parsing style attributes through sanitize_css.
bugzilla.mozilla.org/show_bug.cgi?id=1623633
github.com/advisories/GHSA-vqhp-cxgc-6wmm
github.com/mozilla/bleach/commit/d6018f2539d271963c3e7f54f36ef11900363c69
github.com/mozilla/bleach/releases/tag/v3.1.4
github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm