black
PyPI2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting blackpage 1 of 1
- CVE-2024-21503MEDIUMCVSS 5.3EG 5.3✓ Fixed in 24.3.02024-03-19
vulnerable: 18.3a0 ... 24.2.0 (57 versions)
Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a…
- CVE-2026-32274HIGHCVSS 7.5EG 7.5✓ Fixed in 26.3.12026-03-12
vulnerable: 18.3a0 ... 26.3.0 (70 versions)
Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without s…
Check whether black is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for black CVEs against the assets you own.
Start Free Scan →