CVE-2011-1158

The CVE-2011-1158 issue affects the Universal Feed Parser (python-feedparser) in the feedparser.py component for 5.x until 5.0.1. The vulnerability is a cross-site scripting (XSS) flaw that enables remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme (demonstrated ...

CVE-2011-1156

CVE-2011-1156 concerns the Python feedparser (Universal Feed Parser) project. The vulnerability exists in feedparser.py (python-feedparser) prior to version 5.0.1, where a malformed DOCTYPE declaration can be exploited remotely to cause an application crash, i.e., a denial of service. The initial...

CVE-2012-2921

Universal Feed Parser (python-feedparser) vulnerable to memory‑based DoS via a crafted non‑ASCII XML ENTITY declaration in documents; affected versions before 5.1.2. Root cause is parsing/expansion of a malicious XML ENTITY, enabling remote attacker to exhaust memory. Public references note the i...

CVE-2011-1157

CVE-2011-1157 affects Universal Feed Parser (python-feedparser) 5.x up to version 5.0.0, where feedparser.py is vulnerable to cross-site scripting (XSS) via malformed XML comments. An attacker could inject arbitrary web script or HTML through crafted XML comments sent to the parser. Version 5.0.1...

CVE-2009-5065

CVE-2009-5065 is a cross-site scripting (XSS) vulnerability in the feedparser.py component of Universal Feed Parser (python-feedparser) prior to version 5.0. The flaw allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas. The issue has been disc...