Download
| Alert*
oval:org.secpod.oval:def:52213
lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:70299 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:506110 python3-lxml is installed oval:org.secpod.oval:def:701976 python3-lxml is installed oval:org.secpod.oval:def:70303 lxml: pythonic binding for the libxml2 and libxslt librarie Details: USN-4666-1 partially fixed a vulnerability in lxml, but an additional patch was needed. This update provides the corresponding additional patch in order to properly fix the vulnerability. Original advisory lxml could allow cross-si ... oval:org.secpod.oval:def:701940 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:71226 Kevin Chung discovered that python3-lxml, a Python binding for the libxml2 and libxslt libraries, did not properly sanitize its input. This would allow a malicious user to mount a cross-site scripting attack. oval:org.secpod.oval:def:71247 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:3301165 SUSE Security Update: Security update for python-lxml oval:org.secpod.oval:def:507351 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fix: * lxml: NULL Pointer Dereference in lxml For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, ... oval:org.secpod.oval:def:1506272 [4.6.5-3] - Security fix for CVE-2022-2309 - Resolves: rhbz#2107571 oval:org.secpod.oval:def:2600114 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. oval:org.secpod.oval:def:5800060 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fix: * lxml: NULL Pointer Dereference in lxml For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, ... oval:org.secpod.oval:def:89047339 This update for python-lxml fixes the following issues: - CVE-2022-2309: Fixed NULL pointer dereference due to state leak between parser runs . oval:org.secpod.oval:def:704422 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:51182 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:705798 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:73623 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fix: * python-lxml: mXSS due to the use of improper parser For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related ... oval:org.secpod.oval:def:1504900 [4.2.3-2] - Security fix for CVE-2020-27783: mXSS due to the use of improper parser Resolves: rhbz#1901633 oval:org.secpod.oval:def:4501356 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fix: * python-lxml: mXSS due to the use of improper parser For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related ... oval:org.secpod.oval:def:89047019 This update for python3-lxml fixes the following issues: - CVE-2020-27783: Fixed XSS due to the use of improper parser . oval:org.secpod.oval:def:2500495 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. oval:org.secpod.oval:def:4501332 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fix: * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS For more details about the security issue, including the impact, a CVSS score ... oval:org.secpod.oval:def:605475 Kevin Chung discovered that lxml, a Python binding for the libxml2 and libxslt libraries, did not properly sanitize its input. This would allow a malicious user to mount a cross-site scripting attack. oval:org.secpod.oval:def:89046094 This update for python-lxml fixes the following issues: - CVE-2018-19787: Fixed XSS vulnerability via unescaped URL . - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped . - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs . - CVE-2020-2778 ... oval:org.secpod.oval:def:78180 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could be made to execute arbitrary code if it received a specially crafted XML or HTML file. oval:org.secpod.oval:def:78146 It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting. oval:org.secpod.oval:def:3301144 SUSE Security Update: Security update for python-lxml oval:org.secpod.oval:def:706275 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could be made to execute arbitrary code if it received a specially crafted XML or HTML file. oval:org.secpod.oval:def:19500159 There's a flaw in python-lxml's HTML Cleaner component, which is responsible for sanitizing HTML and Javascript. An attacker who is able to submit a crafted payload to a web service using python-lxml's HTML Cleaner may be able to trigger script execution in clients such as web browsers. This can occ ... oval:org.secpod.oval:def:4500899 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fix: * python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through For more details about the security issue, including the impact, a CVSS score, ackn ... oval:org.secpod.oval:def:1505646 [4.2.3-4] - Security fix for CVE-2021-43818 Resolves: rhbz#2032569 oval:org.secpod.oval:def:89047596 This update for python-lxml fixes the following issues: - CVE-2018-19787: Fixed XSS vulnerability via unescaped URL . - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped . - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs . - CVE-2020-2778 ... |