Sign in Book a demo Get started free

← All vulnerabilities

LOWSupply chain

GHSA-8RFP-98V4-MMR6

pip · bleach

Summary

Bleach: URI sanitization allows disallowed URI schemes with Unicode > U+00A0 in output

References

Related vulnerabilities

All Supply chain →

HIGHGHSA-8C9Q-7855-WFXQ
File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection
MEDIUMGHSA-HHPQ-7WG4-36JM
CakePHP Authentication: Open redirect weakness via backslash bypass
CRITICALGHSA-8FQ9-273G-6MRG
Avo: Missing Authorization in Avo Association Attach Endpoint Allows Unauthorized Relationship Manipulation and Privilege Escalation
MEDIUMGHSA-X2QC-CMH9-F4HF
Deno: Denial of service via non-ASCII bytes in WebSocket response headers
CRITICALGHSA-2F55-G35J-5JMF
HAPI FHIR: XXE in XsltUtilities.saxonTransform via unhardened Saxon TransformerFactory
HIGHGHSA-FXJ4-P9XP-37V5
HAPI FHIR: Incomplete fix for CVE-2026-45367: DSTU2 FHIRPathEngine.matches() missing RegexTimeout protection allows ReDoS