758 matches found
MiracleLinux 8 : python-lxml-4.2.3-3.el8 (AXSA:2021-2726:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2726:02 advisory. python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 Tenable has extracted the preceding description block...
MiracleLinux 8 : python27:2.7 (AXSA:2022-3551:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3551:01 advisory. python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 python: ftplib should not use the host from the PASV response...
MiracleLinux 7 : python-lxml-3.2.1-4.0.1.el7.AXS7 (AXSA:2024-8989:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8989:01 advisory. CVE-2021-43818: prevent certain crafted script content passing through in HTML Cleaner CVEs: CVE-2021-43818 lxml is a library for processing XML and HTML in...
MiracleLinux 8 : python38:3.8 (AXSA:2021-2422:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2422:01 advisory. python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 python-lxml: mXSS due to the use of improper parser...
MiracleLinux 8 : python-lxml-4.2.3-4.el8 (AXSA:2022-3370:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3370:01 advisory. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 Tenable has extracted the preceding description block direct...
MiracleLinux 8 : python-lxml-4.2.3-2.el8 (AXSA:2021-1839:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1839:01 advisory. python-lxml: mXSS due to the use of improper parser CVE-2020-27783 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : python-lxml-4.6.5-3.el9 (AXSA:2023-4609:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-4609:01 advisory. lxml: NULL Pointer Dereference in lxml CVE-2022-2309 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
MiracleLinux 7 : rh-python38 (AXSA:2021-2383:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2383:01 advisory. python-cryptography: Bleichenbacher timing oracle attack against RSA decryption CVE-2020-25659 python: Unsafe use of eval on data retrieved via HTTP...
MiracleLinux 8 : python27:2.7 (AXSA:2021-2829:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2829:01 advisory. python: Unsafe use of eval on data retrieved via HTTP in the test suite CVE-2020-27619 python-jinja2: ReDoS vulnerability in the urlize filter...
MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-2905:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2905:01 advisory. python: Information disclosure via pydoc CVE-2021-3426 python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 python-lxml:...
MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2022-2898:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2898:01 advisory. python-psutil: Double free because of refcount mishandling CVE-2019-18874 python-jinja2: ReDoS vulnerability in the urlize filter CVE-2020-28493...
CVE-2021-33511
Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel...
python39:3.9 and python39-devel:3.9 security update
An update is available for module.python-psutil, python-packaging, module.Cython, module.python-iniconfig, module.python-wcwidth, module.python-ply, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy, module.python-attrs, Cython,...
XML External Entity (XXE)
langchaintextsplitters is vulnerable to XML External Entity XXE injection. The vulnerability is due to unsafe parsing of arbitrary XSLT stylesheets using lxml without access controls, which allows an attacker to read local files or fetch external resources accessible to the LangChain process...
EUVD-2018-0088
Malware in sbrugna...
EUVD-2014-0033
Malware in sbrugna...
EUVD-2021-0117
Malware in sbrugna...
EUVD-2020-0102
Malware in sbrugna...
EUVD-2021-0193
Malware in sbrugna...
EUVD-2021-0116
Malware in sbrugna...