CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AlmaLinux•added 2022/05/10 8:8 a.m.•59 views

Moderate: python-lxml security update

8.2CVSS0.3AI score0.05428EPSS

Rockylinux•added 2022/05/10 6:23 a.m.•37 views

python38:3.8 and python38-devel:3.8 security update

An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-urllib3, PyYAML, python-attrs, python-jinja2, python-requests, python-atomicwrites, modwsgi, python3x-pip, python38, python-asn1crypto, python-chardet, python-markupsafe,...

8.2CVSS7.7AI score0.05428EPSS

Exploits3

Tenable Nessus•added 2022/05/10 12:0 a.m.•37 views

CentOS 8 : python-lxml (CESA-2022:1932)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2022:1932 advisory. - python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 Note that Nessus has not tested for this issue but has instea...

Tenable Nessus•added 2022/05/10 12:0 a.m.•46 views

CentOS 8 : python38:3.8 and python38-devel:3.8 (CESA-2022:1764)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1764 advisory. - python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 - python: urllib: HTTP client possible infinite loop on a 100 Contin...

8.2CVSS7.1AI score0.05428EPSS

Exploits3References5

OpenVAS•added 2022/05/09 12:0 a.m.•21 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2022-1691)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tenable Nessus•added 2022/05/07 12:0 a.m.•23 views

EulerOS Virtualization 3.0.2.0 : python-lxml (EulerOS-SA-2022-1691)

According to the versions of the python-lxml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html...

RedHat Linux•added 2022/05/02 8:8 a.m.•39 views

Moderate: Red Hat Security Advisory: Red Hat Software Collections security update

An update for rh-python38-python, rh-python38-python-lxml, and rh-python38-python-pip is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.2CVSS6.5AI score0.05428EPSS

Exploits0References4

RedHat Linux•added 2022/05/02 8:8 a.m.•1 views

python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through

There's a flaw in python-lxml's HTML Cleaner component, which is responsible for sanitizing HTML and Javascript. An attacker who is able to submit a crafted payload to a web service using python-lxml's HTML Cleaner may be able to trigger script execution in clients such as web browsers. This can...

Tenable Nessus•added 2022/05/02 12:0 a.m.•15 views

Exploits0References5

RHEL 7 : Red Hat Software Collections (RHSA-2022:1664)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1664 advisory. lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fixes: python-lxml: HT...

CBLMariner•added 2022/04/26 7:57 p.m.•20 views

Exploits0References7

CVE-2021-43818 affecting package python-lxml for versions less than 4.8.0-1

CVE-2021-43818 affecting package python-lxml for versions less than 4.8.0-1. An upgraded version of the package is available that resolves this issue...

8.2CVSS7.5AI score0.05428EPSS

Exploits0

CBLMariner•added 2022/04/26 7:57 p.m.•21 views

CVE-2020-27783 affecting package python-lxml for versions less than 4.8.0-1

CVE-2020-27783 affecting package python-lxml for versions less than 4.8.0-1. An upgraded version of the package is available that resolves this issue...

6.1CVSS6.9AI score0.01246EPSS

Exploits1

CBLMariner•added 2022/04/26 7:57 p.m.•15 views

CVE-2021-28957 affecting package python-lxml for versions less than 4.8.0-1

CVE-2021-28957 affecting package python-lxml for versions less than 4.8.0-1. An upgraded version of the package is available that resolves this issue...

6.1CVSS7AI score0.00518EPSS

Exploits1

CBLMariner•added 2022/04/26 7:57 p.m.•16 views

CVE-2018-19787 affecting package python-lxml for versions less than 4.8.0-1

CVE-2018-19787 affecting package python-lxml for versions less than 4.8.0-1. An upgraded version of the package is available that resolves this issue...

6.1CVSS6.7AI score0.00525EPSS

Exploits1

OpenVAS•added 2022/04/20 12:0 a.m.•30 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2022-1435)

OpenVAS•added 2022/04/20 12:0 a.m.•31 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2022-1513)

Tenable Nessus•added 2022/04/20 12:0 a.m.•23 views

EulerOS 2.0 SP10 : python-lxml (EulerOS-SA-2022-1494)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain...

OpenVAS•added 2022/04/20 12:0 a.m.•19 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2022-1494)