ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2020.0176
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2020-0176)
Resumen:	The remote host is missing an update for the 'python-bleach' package(s) announced via the MGASA-2020-0176 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python-bleach' package(s) announced via the MGASA-2020-0176 advisory. Vulnerability Insight: In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False. (CVE-2020-6816) Regular expression denial of service. (CVE-2020-6817) Affected Software/OS: 'python-bleach' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-6816 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EDQU2SZLZMSSACCBUBJ6NOSRNNBDYFW5/ https://advisory.checkmarx.net/advisory/CX-2020-4277 https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743 https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach Common Vulnerability Exposure (CVE) ID: CVE-2020-6817 https://bugzilla.mozilla.org/show_bug.cgi?id=1623633 https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.