The following vulnerability was published for black.
CVE-2024-21503[0]:
| Versions of the package black before 24.3.0 are vulnerable to
| Regular Expression Denial of Service (ReDoS) via the
| lines_with_leading_tabs_expanded function in the strings.py file. An
| attacker could exploit this vulnerability by crafting a malicious
| input that causes a denial of service. Exploiting this
| vulnerability is possible when running Black on untrusted input, or
| if you habitually put thousands of leading tab characters in your
| docstrings.