MiracleLinux 8 : python-lxml-4.2.3-2.el8 (AXSA:2021-1839:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1839:01 advisory. python-lxml: mXSS due to the use of improper parser CVE-2020-27783 Tenable has extracted the preceding description block directly from the MiracleLinux...

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2025-1478)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: python-lxml

Issue Overview: There's a flaw in python-lxml's HTML Cleaner component, which is responsible for sanitizing HTML and Javascript. An attacker who is able to submit a crafted payload to a web service using python-lxml's HTML Cleaner may be able to trigger script execution in clients such as web...

AZL-10059 CVE-2022-2309 affecting package python-lxml for versions less than 4.9.1-1

NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code...

Security update for python-lxml (important)

openSUSE Security Update: Security update for python-lxml Announcement ID: openSUSE-SU-2022:0803-1 Rating: important References: 1118088 1179534 1184177 1193752 Cross-References: CVE-2018-19787 CVE-2020-27783 CVE-2021-28957 CVE-2021-43818 CVSS scores: CVE-2018-19787 NVD : 6.1...