Filtered by vendor Python Software Foundation Subscriptions
Filtered by product Black Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-21503 2 Python Software Foundation, Redhat 2 Black, Ansible Automation Platform 2024-11-21 5.3 Medium
Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings.