FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

www/py-bleach -- multiple vulnerabilities

Affected packages
py27-bleach < 3.1.2
py35-bleach < 3.1.2
py36-bleach < 3.1.2
py37-bleach < 3.1.2
py38-bleach < 3.1.2

Details

VuXML ID 3d19c776-68e7-11ea-91db-0050562a4d7b
Discovery 2020-02-13
Entry 2020-03-18

* ``bleach.clean`` behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and could result in a mutation XSS.

Calls to ``bleach.clean`` with ``strip=False`` and ``math`` or ``svg`` tags and one or more of the RCDATA tags ``script``, ``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or ``xmp`` in the allowed tags whitelist were vulnerable to a mutation XSS.

* ``bleach.clean`` behavior parsing ``noscript`` tags did not match browser behavior.

Calls to ``bleach.clean`` allowing ``noscript`` and one or more of the raw text tags (``title``, ``textarea``, ``script``, ``style``, ``noembed``, ``noframes``, ``iframe``, and ``xmp``) were vulnerable to a mutation XSS.
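As an added example (not part of this VuXML entry or of bleach itself), the check below audits a planned ``bleach.clean`` configuration for the two allowed-tag conditions described above and for the affected version range. The function and finding names are this example's own; it does not import bleach.

```python
import re

# Tag groups exactly as the advisory lists them.
RCDATA_TAGS = {"script", "noscript", "style", "noframes", "iframe", "noembed", "xmp"}
RAW_TEXT_TAGS = {"title", "textarea", "script", "style", "noembed", "noframes", "iframe", "xmp"}
FOREIGN_CONTENT_TAGS = {"math", "svg"}
FIXED_VERSION = (3, 1, 2)  # py-bleach releases below this are listed as affected


def parse_version(text):
    """Turn a version string such as '3.1.1' into a comparable tuple of ints."""
    return tuple(int(part) for part in re.findall(r"\d+", text))


def audit_bleach_config(tags, strip=False, version=None):
    """Return (code, message) findings for a planned bleach.clean() call.

    tags    -- the allowed-tags whitelist that would be passed to bleach.clean
    strip   -- the strip= argument (bleach's default is False)
    version -- installed bleach version string, or None when unknown
    Function name and finding codes are this example's own, not bleach's API.
    """
    allowed = {tag.lower() for tag in tags}
    findings = []

    if version is not None and parse_version(version) < FIXED_VERSION:
        findings.append(("OLD_VERSION",
                         "bleach %s is affected; 3.1.2 or later is required" % version))

    # First issue: strip=False with math/svg and at least one RCDATA tag allowed.
    foreign = sorted(allowed & FOREIGN_CONTENT_TAGS)
    rcdata = sorted(allowed & RCDATA_TAGS)
    if not strip and foreign and rcdata:
        findings.append(("FOREIGN_RCDATA",
                         "strip=False with %s and RCDATA tags %s allowed" % (foreign, rcdata)))

    # Second issue: noscript allowed alongside any raw text tag.
    raw_text = sorted(allowed & RAW_TEXT_TAGS)
    if "noscript" in allowed and raw_text:
        findings.append(("NOSCRIPT_RAW_TEXT",
                         "noscript allowed together with raw text tags %s" % raw_text))

    return findings


if __name__ == "__main__":
    # Constructed allowlist: typical formatting tags plus math and style.
    for code, message in audit_bleach_config(["p", "a", "math", "style"], version="3.1.1"):
        print(code, "-", message)
```

An allowlist that contains none of the listed RCDATA or raw text tags produces no findings, which is the configuration the advisory's fix does not change.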

References

URL https://bugzilla.mozilla.org/show_bug.cgi?id=1615315
URL https://bugzilla.mozilla.org/show_bug.cgi?id=1621692