Описание
ELSA-2021-1898: python-lxml security update (MODERATE)
[4.2.3-2]
- Security fix for CVE-2020-27783: mXSS due to the use of improper parser Resolves: rhbz#1901633
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
python3-lxml
4.2.3-2.el8
Oracle Linux x86_64
python3-lxml
4.2.3-2.el8
Связанные CVE
Связанные уязвимости
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
A XSS vulnerability was discovered in python-lxml's clean module. The ...