CVE-2026-46211

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...

PT-2025-40292

Name of the Vulnerable Software and Affected Versions Poppler versions 24.06.1 through 25.04.0 Description The software is susceptible to a stack consumption issue leading to a SIGSEGV signal. This occurs when processing PDF documents containing deeply nested structures within their metadata, suc...

OESA-2024-1751 python-lxml security update

The lxml XML toolkit is a Pythonic binding for the C libraries libxml2 and libxslt. \ It is unique in that it combines the speed and XML feature completeness of these libraries with \ the simplicity of a native Python API, mostly compatible but superior to the well-known ElementTree API. \ The...

OESA-2024-1750 python-lxml security update

The lxml XML toolkit is a Pythonic binding for the C libraries libxml2 and libxslt. \ It is unique in that it combines the speed and XML feature completeness of these libraries with \ the simplicity of a native Python API, mostly compatible but superior to the well-known ElementTree API. \ The...

CVE-2024-37388

An XML External Entity XXE vulnerability in the ebookmeta.getmetadata function of lxml before v4.9.1 allows attackers to access sensitive information or cause a Denial of Service DoS via crafted XML input...

PYSEC-2024-76

An XML External Entity XXE vulnerability in the ebookmeta.getmetadata function of ebookmeta before v1.2.8 allows attackers to access sensitive information or cause a Denial of Service DoS via crafted XML input...

ebookmeta Security Vulnerabilities

ebookmeta is a Python library for managing metadata for epub2, epub3, and fb2 files by Dmitrii Personal Developer. A security vulnerability exists in ebookmeta versions prior to v1.2.8, which stems from an XML External Entity vulnerability in the ebookmeta.getmetadata function that could allow an...

PT-2024-27514 · Lxml · Lxml

Name of the Vulnerable Software and Affected Versions: lxml versions prior to 4.9.1 Description: An XML External Entity XXE vulnerability in the ebookmeta.get metadata function allows attackers to access sensitive information or cause a Denial of Service DoS via crafted XML input. Recommendations...

PT-2024-27172 · Ebookmeta · Ebookmeta

Name of the Vulnerable Software and Affected Versions: ebookmeta versions prior to 1.2.8 Description: An XML External Entity XXE vulnerability in the ebookmeta.get metadata function allows attackers to access sensitive information or cause a Denial of Service DoS via crafted XML input...