CVE-2014-8881: Regular Expression Denial of Service
bleach is vulnerable to regular expression denial of service (ReDoS) when certain types of input are passed into the sanitize function. This can lead to long processing times, during which the process hangs.