Lucene search
GoogleOSV:DLA-0009-1HistoryJun 26, 2014 - 12:00 a.m.
lxml - security update
2014-06-2600:00:00
Google
osv.dev
11
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
It was discovered that clean_html() function of lxml (pythonic bindings
for the libxml2 and libxslt libraries) performed insufficient sanitisation
for some non-printable characters. This could lead to cross-site
scripting.
For Debian 6 Squeeze, these issues have been fixed in lxml version 2.2.8-2+deb6u1
Related
openvas
openvas
Debian Security Advisory DSA 2941-1 (lxml - security update)
2014-06-01 00:00:00
Mageia: Security Advisory (MGASA-2014-0218)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-2941-1)
2014-05-31 00:00:00
prion
prion
Cross site scripting
2014-05-14 19:55:00
Design/Logic Flaw
2018-12-02 10:29:00
osv
osv
lxml - security update
2014-06-01 00:00:00
PYSEC-2014-9
2014-05-14 19:55:00
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
debiancve
debiancve
CVE-2014-3146
2014-05-14 19:55:00
CVE-2018-19787
2018-12-02 10:29:00
nessus
nessus
openSUSE Security Update : python-lxml (openSUSE-SU-2014:0735-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : python-lxml (MDVSA-2015:112)
2015-03-30 00:00:00
SuSE 11.3 Security Update : python-lxml (SAT Patch Number 9821)
2014-10-11 00:00:00
debian
debian
lxml security update
2014-06-26 17:10:22
lxml security update
2014-06-26 17:16:35
[SECURITY] [DSA 2941-1] lxml security update
2014-06-01 08:36:44
ubuntu
ubuntu
lxml vulnerability
2014-05-21 00:00:00
cve
cve
CVE-2014-3146
2014-05-14 19:55:00
CVE-2018-19787
2018-12-02 10:29:00
mageia
mageia
Updated python-lxml package fix CVE-2014-3146
2014-05-15 02:10:47
github
github
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
Improper Neutralization of Input During Web Page Generation in LXML
2022-05-13 01:13:21
ubuntucve
ubuntucve
CVE-2014-3146
2014-05-14 00:00:00
CVE-2018-19787
2018-12-02 00:00:00
redhatcve
redhatcve
CVE-2018-19787
2018-12-17 23:08:11
securityvulns
securityvulns
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for OSV:DLA-0009-1