CVE-2021-42576

Опубликовано: 18 окт. 2021

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	1.0.16-1
esm-apps/bionic	needs-triage
esm-apps/jammy	not-affected	1.0.16-1
esm-apps/noble	not-affected	1.0.16-1
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
esm-infra/xenial	DNE
focal	DNE
hirsute	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%

0.00321

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2021-42576

CVSS3: 9.8

nvd

больше 4 лет назад

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.

CVE-2021-42576

CVSS3: 9.8

debian

больше 4 лет назад

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Py ...

GHSA-x95h-979x-cf3j

CVSS3: 9.8

github

больше 4 лет назад

Policies not properly enforced in bluemonday

EPSS

Процентиль: 55%

0.00321

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2021-42576

Описание

Пакет golang-github-microcosm-cc-bluemonday

Ссылки на источники

Связанные уязвимости