65 matches found
Mandriva Linux Security Advisory : python-feedparser (MDVSA-2011:082)
Multiple vulnerabilities has been found and corrected in python-feedparser : Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested...
[ MDVSA-2011:082 ] python-feedparser
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:082 http://www.mandriva.com/security/ Package : python-feedparser Date : May 2, 2011 Affected: 2010.0, 2010.1 Problem Description: Multiple vulnerabilities has been found and corrected in python-feedparser:...
Fedora 13 : python-feedparser-5.0.1-1.fc13 (2011-4911)
Current release: 5.0.1 - February 20, 2011 - Fix issue 91 invalid text in XML declaration causes sanitizer to crash - Fix issue 254 sanitization can be bypassed by malformed XML comments - Fix issue 255 sanitizer doesn't strip unsafe URI schemes Previous release: 5.0 - January 25, 2011 - Improved...
Fedora 14 : python-feedparser-5.0.1-1.fc14 (2011-4894)
Current release: 5.0.1 - February 20, 2011 - Fix issue 91 invalid text in XML declaration causes sanitizer to crash - Fix issue 254 sanitization can be bypassed by malformed XML comments - Fix issue 255 sanitizer doesn't strip unsafe URI schemes Previous release: 5.0 - January 25, 2011 - Improved...
Fedora 15 : python-feedparser-5.0.1-1.fc15 (2011-4988)
Current release: 5.0.1 - February 20, 2011 - Fix issue 91 invalid text in XML declaration causes sanitizer to crash - Fix issue 254 sanitization can be bypassed by malformed XML comments - Fix issue 255 sanitizer doesn't strip unsafe URI schemes Previous release: 5.0 - January 25, 2011 - Improved...
DEBIAN-CVE-2011-1158
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI...
CVE-2009-5065
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas...
DEBIAN-CVE-2009-5065
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas...
many-versioned-wheel (>=0.1.0 <=0.2.0) potentially affected by CVE-2011-1156 via feedparser (=5.0.0)
feedparser PYPI version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on feedparser and may be impacted: - many-versioned-wheel =0.1.0, =0.2.0 Source cves: CVE-2011-1156 Source advisory: OSV:PYSEC-2011-19...
PYSEC-2011-21
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI...
Cross site scripting
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments...
many-versioned-wheel (>=0.1.0 <=0.2.0) potentially affected by CVE-2011-1157 via feedparser (=5.0.0)
feedparser PYPI version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on feedparser and may be impacted: - many-versioned-wheel =0.1.0, =0.2.0 Source cves: CVE-2011-1157 Source advisory: OSV:PYSEC-2011-20...
PYSEC-2011-20
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments...
many-versioned-wheel (>=0.1.0 <=0.2.0) potentially affected by CVE-2011-1158 via feedparser (=5.0.0)
feedparser PYPI version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on feedparser and may be impacted: - many-versioned-wheel =0.1.0, =0.2.0 Source cves: CVE-2011-1158 Source advisory: OSV:PYSEC-2011-21...
CVE-2011-1156
feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0.1 allows remote attackers to cause a denial of service application crash via a malformed DOCTYPE declaration...
CVE-2009-5065
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas...
Arbitrary file deletion
feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0.1 allows remote attackers to cause a denial of service application crash via a malformed DOCTYPE declaration...
PYSEC-2011-21
Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI...
CVE-2011-1158
The CVE-2011-1158 issue affects the Universal Feed Parser (python-feedparser) in the feedparser.py component for 5.x until 5.0.1. The vulnerability is a cross-site scripting (XSS) flaw that enables remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme (demonstrated ...
CVE-2011-1156
CVE-2011-1156 concerns the Python feedparser (Universal Feed Parser) project. The vulnerability exists in feedparser.py (python-feedparser) prior to version 5.0.1, where a malformed DOCTYPE declaration can be exploited remotely to cause an application crash, i.e., a denial of service. The initial...