Lucene search
RedhatCVELIST:CVE-2020-27783HistoryDec 03, 2020 - 4:39 p.m.
CVE-2020-27783
2020-12-0316:39:41
CWE-79
redhat
www.cve.org
A XSS vulnerability was discovered in python-lxml’s clean module. The module’s parser didn’t properly imitate browsers, which caused different behaviors between the sanitizer and the user’s page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
CNA Affected
[
{
"product": "python-lxml",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "lxml-4.6.2"
}
]
}
]References
advisory.checkmarx.net/advisory/CX-2020-4286
bugzilla.redhat.com/show_bug.cgi?id=1901633
lists.debian.org/debian-lts-announce/2020/12/msg00028.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/
security.netapp.com/advisory/ntap-20210521-0003/
www.debian.org/security/2020/dsa-4810
www.oracle.com//security-alerts/cpujul2021.html
Related
osv
osv
Moderate: python-lxml security update
2021-05-18 06:21:26
lxml - security update
2020-12-13 00:00:00
PYSEC-2020-62
2020-12-03 17:15:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : lxml vulnerability (USN-4666-1)
2020-12-09 00:00:00
Fedora 33 : python-lxml (2020-0e055ea503)
2021-01-14 00:00:00
Oracle Linux 8 : python-lxml (ELSA-2021-1898)
2021-05-26 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2021-1035)
2021-01-08 00:00:00
Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2021-1016)
2021-01-08 00:00:00
Mageia: Security Advisory (MGASA-2021-0038)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: python-lxml-4.4.1-5.fc32
2021-01-14 01:43:47
[SECURITY] Fedora 33 Update: python-lxml-4.5.1-3.fc33
2021-01-14 01:39:59
ubuntu
ubuntu
lxml vulnerability
2020-12-11 00:00:00
lxml vulnerability
2020-12-09 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-27783 affecting package python-lxml 4.2.4-7
2021-08-11 06:39:25
CVE-2020-27783 affecting package python-lxml for versions less than 4.8.0-1
2022-04-26 19:57:36
prion
prion
Cross site scripting
2020-12-03 17:15:00
mageia
mageia
Updated python-lxml packages fix a security vulnerability
2021-01-17 19:07:01
oraclelinux
oraclelinux
python-lxml security update
2021-05-25 00:00:00
python38:3.8 security update
2021-05-25 00:00:00
python27:2.7 security and bug fix update
2021-05-25 00:00:00
cve
cve
CVE-2020-27783
2020-12-03 17:15:13
ubuntucve
ubuntucve
CVE-2020-27783
2020-12-03 00:00:00
alpinelinux
alpinelinux
CVE-2020-27783
2020-12-03 17:15:13
veracode
veracode
Cross-site Scripting (XSS)
2020-11-30 02:54:37
debiancve
debiancve
CVE-2020-27783
2020-12-03 17:15:13
debian
debian
[SECURITY] [DLA 2467-2] lxml regression update
2020-12-18 13:15:11
[SECURITY] [DSA 4810-1] lxml security update
2020-12-13 18:19:20
[SECURITY] [DLA 2467-1] lxml security update
2020-11-26 18:33:14
nvd
nvd
CVE-2020-27783
2020-12-03 17:15:13
rocky
rocky
python-lxml security update
2021-05-18 06:21:26
python38:3.8 security update
2021-05-18 06:18:31
python27:2.7 security and bug fix update
2021-05-18 06:02:07
amazon
amazon
Medium: python-lxml
2021-06-16 20:37:00
Important: python-lxml
2023-03-17 15:53:00
archlinux
archlinux
[ASA-202012-1] python-lxml: cross-site scripting
2020-12-05 00:00:00
redhat
redhat
(RHSA-2021:1898) Moderate: python-lxml security update
2021-05-18 06:21:26
(RHSA-2021:1879) Moderate: python38:3.8 security update
2021-05-18 06:18:31
(RHSA-2021:1761) Moderate: python27:2.7 security and bug fix update
2021-05-18 06:02:07
github
github
lxml vulnerable to Cross-site Scripting
2021-01-07 21:54:01
redhatcve
redhatcve
CVE-2020-27783
2020-11-25 17:22:50
suse
suse
Security update for python-lxml (moderate)
2022-11-01 00:00:00
Security update for python-lxml (important)
2022-03-10 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0072
2021-07-28 00:00:00
Moderate Photon OS Security Update - PHSA-2021-4.0-0072
2021-07-29 00:00:00
almalinux
almalinux
Moderate: python38:3.8 security update
2021-05-18 06:18:31
Moderate: python27:2.7 security and bug fix update
2021-05-18 06:02:07
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-03-27 19:39:32
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs
2021-10-19 15:38:04
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00