Lucene search
+L

54 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: python-lxml (TSSA-2022:0172)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0172 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.2CVSS7.8AI score0.04002EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/08/17 12:0 a.m.26 views

Amazon Linux 2 : python-lxml (ALAS-2024-2620)

The version of python-lxml installed on the remote host is prior to 3.2.1-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2620 advisory. An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and...

6.1CVSS7.7AI score0.04002EPSS
Exploits1References4
Amazon
Amazon
added 2024/08/06 12:0 a.m.24 views

Medium: python-lxml

Issue Overview: An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this...

6.1CVSS7AI score0.04002EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 6 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 - An iss...

7.6AI score0.06333EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.33 views

RHEL 7 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 - An iss...

6.8AI score0.06333EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.32 views

Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0215)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0215 advisory. - Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very...

8.8CVSS7.7AI score0.0828EPSS
Exploits3References10
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2023-1286)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.3AI score0.04002EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/11/11 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2022:3934-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.8AI score0.04002EPSS
Exploits1References2
OSV
OSV
added 2022/11/10 12:36 p.m.8 views

SUSE-SU-2022:3937-1 Security update for python3-lxml

This update for python3-lxml fixes the following issues: - CVE-2021-28957: Fixed XSS due to missing input sanitization for HTML5 attributes bsc1184177...

6.1CVSS6.9AI score0.04002EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/08/10 12:0 a.m.35 views

GLSA-202208-06 : lxml: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-06 lxml: Multiple Vulnerabilities - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class does not remove the...

8.2CVSS6.9AI score0.04002EPSS
Exploits2References7
Oracle linux
Oracle linux
added 2022/05/17 12:0 a.m.134 views

python39:3.9 and python39-devel:3.9 security update

modwsgi 4.7.1-4 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 4.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 4.7.1-2 - Rebuilt for Python 3.9 4.7.1-1 - update to 4.7.1 1721376 python39 3.9.7-1 - Update to 3.9.7 Resolves: rhbz2003102...

8.2CVSS0.1AI score0.04002EPSS
Exploits2
CBLMariner
CBLMariner
added 2022/04/26 7:57 p.m.21 views

CVE-2021-28957 affecting package python-lxml for versions less than 4.8.0-1

CVE-2021-28957 affecting package python-lxml for versions less than 4.8.0-1. An upgraded version of the package is available that resolves this issue...

6.1CVSS7AI score0.04002EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/03/23 12:0 a.m.33 views

openSUSE: Security Advisory for python-lxml (openSUSE-SU-2022:0803-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS7.7AI score0.04002EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2022/03/11 12:0 a.m.36 views

SUSE SLED15 / SLES15 Security Update : python-lxml (SUSE-SU-2022:0803-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0803-1 advisory. - An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remo...

8.2CVSS7.2AI score0.04002EPSS
Exploits3References13
OSV
OSV
added 2022/03/10 4:36 p.m.10 views

OPENSUSE-SU-2022:0803-1 Security update for python-lxml

This update for python-lxml fixes the following issues: - CVE-2018-19787: Fixed XSS vulnerability via unescaped URL bsc1118088. - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped bsc1184177. - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data...

8.2CVSS6.5AI score0.04002EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.28 views

AlmaLinux 8 : python-lxml (ALSA-2021:4158)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:4158 advisory. - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class...

6.1CVSS7.7AI score0.04002EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2021-0246)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS7AI score0.04002EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2022/01/07 12:0 a.m.25 views

EulerOS Virtualization 3.0.2.6 : python-lxml (EulerOS-SA-2021-2907)

According to the versions of the python-lxml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and...

6.1CVSS7.6AI score0.04002EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/12/31 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2021-2907)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.8AI score0.04002EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/12/29 12:0 a.m.50 views

EulerOS Virtualization 3.0.2.0 : python-lxml (EulerOS-SA-2021-2830)

According to the versions of the python-lxml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and...

6.1CVSS7.6AI score0.04002EPSS
Exploits1References2
Rows per page
Query Builder