VYPR

PyPI package

black

pkg:pypi/black

Vulnerabilities (2)

  • CVE-2026-32274Mar 12, 2026
    affected < 26.3.1fixed 26.3.1

    Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker wh

  • CVE-2024-21503MedMar 19, 2024
    affected < 24.3.0fixed 24.3.0

    Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of