Количество 75
Количество 75
SUSE-SU-2020:3930-1
Security update for python3
CVE-2020-27783
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
CVE-2020-27783
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
CVE-2020-27783
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
CVE-2020-27783
CVE-2020-27783
A XSS vulnerability was discovered in python-lxml's clean module. The ...
CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctyp ...
SUSE-SU-2022:3461-1
Security update for python3-lxml
SUSE-SU-2022:3460-1
Security update for python3-lxml
GHSA-pgww-xf46-h92r
lxml vulnerable to Cross-site Scripting
ELSA-2021-1898
ELSA-2021-1898: python-lxml security update (MODERATE)
BDU:2021-03620
Уязвимость модуля clean библиотеки для обработки разметки XML и HTML Lxml, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
GHSA-hc96-xw56-vfwh
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
ELSA-2021-9130
ELSA-2021-9130: python38:3.8 security update (IMPORTANT)
ELSA-2021-9129
ELSA-2021-9129: python36:3.6 security update (IMPORTANT)
ELSA-2021-9128
ELSA-2021-9128: python27:2.7 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2020:3930-1 Security update for python3 | почти 5 лет назад | ||
 | CVE-2020-27783 A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. | CVSS3: 6.1 | 1% Низкий | почти 5 лет назад |
 | CVE-2020-27783 A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. | CVSS3: 6.1 | 1% Низкий | около 5 лет назад |
 | CVE-2020-27783 A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. | CVSS3: 6.1 | 1% Низкий | почти 5 лет назад |
 | CVSS3: 6.1 | 1% Низкий | больше 4 лет назад | |
| CVE-2020-27783 A XSS vulnerability was discovered in python-lxml's clean module. The ... | CVSS3: 6.1 | 1% Низкий | почти 5 лет назад |
| CVE-2021-3177 Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. | CVSS3: 9.8 | 0% Низкий | почти 5 лет назад |
| CVE-2021-3177 Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. | CVSS3: 5.9 | 0% Низкий | почти 5 лет назад |
| CVE-2021-3177 Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. | CVSS3: 9.8 | 0% Низкий | почти 5 лет назад |
| CVE-2021-3177 Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. | CVSS3: 9.8 | 0% Низкий | почти 5 лет назад |
| CVE-2021-3177 Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctyp ... | CVSS3: 9.8 | 0% Низкий | почти 5 лет назад |
| SUSE-SU-2022:3461-1 Security update for python3-lxml | 1% Низкий | около 3 лет назад | |
| SUSE-SU-2022:3460-1 Security update for python3-lxml | 1% Низкий | около 3 лет назад | |
| GHSA-pgww-xf46-h92r lxml vulnerable to Cross-site Scripting | CVSS3: 6.1 | 1% Низкий | почти 5 лет назад |
| ELSA-2021-1898 ELSA-2021-1898: python-lxml security update (MODERATE) | больше 4 лет назад | ||
 | BDU:2021-03620 Уязвимость модуля clean библиотеки для обработки разметки XML и HTML Lxml, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю оказать воздействие на целостность защищаемой информации | CVSS3: 6.1 | 1% Низкий | почти 5 лет назад |
| GHSA-hc96-xw56-vfwh Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад |
| ELSA-2021-9130 ELSA-2021-9130: python38:3.8 security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2021-9129 ELSA-2021-9129: python36:3.6 security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2021-9128 ELSA-2021-9128: python27:2.7 security update (IMPORTANT) | больше 4 лет назад |
Уязвимостей на страницу