Mozilla · Bleach · CVE-2020-6817
**Name of the Vulnerable Software and Affected Versions**
Bleach versions prior to 3.1.4
**Description**
The way `bleach.clean` parses `style` attributes could result in a regular expression denial of service (ReDoS). Calls to `bleach.clean` with an allowed tag that has an allowed `style` attribute are vulnerable to ReDoS, for example `bleach.clean(..., attributes={'a': ['style']})`.
**Recommendations**
For versions prior to 3.1.4, update to version 3.1.4 to resolve the issue.
As a temporary workaround, consider not whitelisting the `style` attribute in `bleach.clean` calls.
Additionally, limit input string length to minimize the risk of exploitation.
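The recommendations above can be turned into a pre-flight check for each `bleach.clean` call site. The following is an added example, not code from the advisory or from the Bleach project: the function names and the `MAX_INPUT_LEN` value are assumptions, and the installed version is passed in as a string (for instance from `importlib.metadata.version("bleach")`). It handles the three forms the `attributes` argument can take (list, dict with an optional `'*'` key, or callable).

```python
import re

FIXED = (3, 1, 4)          # first fixed release, per the advisory
MAX_INPUT_LEN = 10_000     # assumed cap; tune to your application

def parse_version(v):
    """Return the leading numeric (major, minor, patch) of a version string."""
    m = re.match(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", v.strip())
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    return tuple(int(g or 0) for g in m.groups())

def _allows(rule, tag):
    """True if one attribute rule (list or callable) admits `style` on tag."""
    if callable(rule):
        # bleach calls attribute filters as f(tag, name, value)
        return bool(rule(tag, "style", "color: red"))
    return "style" in rule

def style_allowed_tags(attributes, tags):
    """Tags from `tags` on which the config would keep a style attribute."""
    hits = []
    for tag in tags:
        if isinstance(attributes, dict):
            rules = [attributes[k] for k in (tag, "*") if k in attributes]
        else:
            rules = [attributes]   # plain list or callable applies to every tag
        if any(_allows(r, tag) for r in rules):
            hits.append(tag)
    return sorted(hits)

def audit_clean_call(version, tags, attributes, text, max_len=MAX_INPUT_LEN):
    """Return findings for one planned bleach.clean(text, tags=..., attributes=...)."""
    findings = []
    exposed = style_allowed_tags(attributes, tags)
    if exposed and parse_version(version) < FIXED:
        findings.append(f"bleach {version} < 3.1.4 with style allowed on {exposed}")
    if len(text) > max_len:
        findings.append(f"input length {len(text)} exceeds cap {max_len}")
    return findings
```

An empty list from `audit_clean_call` means the call matches none of the conditions the advisory describes; any finding should block the call or trigger the upgrade.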