Bug ID | 1168280 |
---|---|
Summary | VUL-0: CVE-2020-6817: python-bleach: Regular expression denial of service in BleachSanitizerFilter.sanitize_css |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 15.1 |
Hardware | Other |
URL | https://smash.suse.de/issue/256206/ |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | dmueller@suse.com |
Reporter | atoptsoglou@suse.com |
QA Contact | security-team@suse.de |
Found By | Security Response Team |
Blocker | --- |
CVE-2020-6817

bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS).

Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

Workarounds:
- do not whitelist the style attribute in bleach.clean calls
- limit input string length

References:
https://bugzilla.mozilla.org/show_bug.cgi?id=1623633
https://www.regular-expressions.info/redos.html
https://blog.r2c.dev/posts/finding-python-redos-bugs-at-scale-using-dlint-and-r2c/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6817
https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm
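The two workarounds listed above can be enforced in one wrapper around bleach.clean until the package is upgraded to a release that carries the fix. The following is an added example written for this page; it is not code from the bug report, from the advisory, or from the bleach project. It assumes only the documented shapes of bleach's `attributes` argument (a list of names, a dict of tag to names or callable, or a single callable) and the public `bleach.clean` / `bleach.ALLOWED_ATTRIBUTES` names; the helper names `safe_attributes`, `check_length`, `safe_clean`, `InputTooLong` and the `MAX_INPUT_LEN` value are this example's own choices. The policy helpers work without bleach installed; only `safe_clean` imports it.

```python
"""Hardening wrapper for bleach.clean against CVE-2020-6817 (added example).

Applies the two workarounds from the advisory: never let ``style`` through
the attribute allow-list, and cap input length before the sanitizer (and the
regex in sanitize_css) ever sees the string. Helper names and the length
limit are assumptions made for this example, not part of bleach.
"""
from typing import Callable, Dict, List, Union

AttrSpec = Union[List[str], Dict[str, Union[List[str], Callable]], Callable]

# Upper bound on untrusted input handed to bleach.clean. Assumed value for
# the example; size it for the application's real inputs.
MAX_INPUT_LEN = 64 * 1024


class InputTooLong(ValueError):
    """Raised when the untrusted string exceeds the configured limit."""


def safe_attributes(attributes: AttrSpec) -> AttrSpec:
    """Return a copy of a bleach ``attributes`` spec with ``style`` removed.

    Handles all three shapes bleach accepts: a list of attribute names
    (applies to every allowed tag), a dict of tag -> list of names or
    tag -> callable, or a single callable ``(tag, name, value) -> bool``.
    """
    if callable(attributes):
        def wrapped(tag, name, value):
            # Veto style first, then defer to the caller's own policy.
            return name != "style" and attributes(tag, name, value)
        return wrapped
    if isinstance(attributes, dict):
        # Recurse per tag so both list and callable values are covered.
        return {tag: safe_attributes(spec) for tag, spec in attributes.items()}
    # Plain list/tuple of attribute names.
    return [name for name in attributes if name != "style"]


def check_length(text: str, max_len: int = MAX_INPUT_LEN) -> str:
    """Reject oversize input before it reaches any regex in the sanitizer."""
    if len(text) > max_len:
        raise InputTooLong(f"input of {len(text)} chars exceeds {max_len}")
    return text


def safe_clean(text: str, max_len: int = MAX_INPUT_LEN, **kwargs) -> str:
    """bleach.clean with style stripped from the allow-list and input bounded.

    Any other keyword arguments (tags, protocols, strip, ...) pass through.
    """
    import bleach  # local import so the policy helpers above stay usable
                   # on hosts where bleach is not installed

    check_length(text, max_len)
    attributes = kwargs.pop("attributes", bleach.ALLOWED_ATTRIBUTES)
    return bleach.clean(text, attributes=safe_attributes(attributes), **kwargs)


if __name__ == "__main__":
    # Constructed sample: the allow-list the advisory names as vulnerable.
    vulnerable_spec = {"a": ["href", "style"]}
    print(safe_attributes(vulnerable_spec))  # {'a': ['href']}
```

Dropping `style` from the allow-list removes the code path through sanitize_css entirely; the length cap is a second, independent bound so that a caller who still needs inline styles at least limits how long the regex can run. Neither replaces upgrading bleach to a fixed release.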