lxml: Multiple Vulnerabilities

Background lxml is a Pythonic binding for the libxml2 and libxslt libraries. Description Multiple vulnerabilities have been discovered in lxml. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

USN-5225-1: lxml vulnerability

It was discovered that lxml incorrectly handled certain XML and HTML files. An attacker could possibly use this issue to execute arbitrary code...

Debian DLA-2606-1 : lxml security update

An issue has been found in lxml, a pythonic binding for the libxml2 and libxslt libraries. Due to missing input sanitization, XSS is possible for the HTML5 formaction attribute. For Debian 9 stretch, this problem has been fixed in version 3.7.1-1+deb9u4. We recommend that you upgrade your lxml...

USN-4666-1: lxml vulnerability

It was discovered that lxml incorrectly handled certain HTML. An attacker could possibly use this issue to cross-site scripting XSS attacks...

[SECURITY] Fedora 28 Update: python-lxml-4.2.5-1.fc28

lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTre e It extends the ElementTree API significantly to offer support for XPath, Relax NG, XML Schema, XSLT, C14N and much more.To contact the project...

USN-2217-1: lxml vulnerability

It was discovered that the lxml.html.clean module incorrectly stripped control characters. An attacked could potentially exploit this to conduct cross-site scripting XSS attacks...