Filtered by vendor Python Software Foundation
Subscriptions
Filtered by product Black
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-21503 | 2 Python Software Foundation, Redhat | 2 Black, Ansible Automation Platform | 2024-11-21 | 5.3 Medium |
Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings. |
Page 1 of 1.