Количество 64
Количество 64
CVE-2021-43818
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.
CVE-2021-43818
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.
CVE-2021-43818
CVE-2021-43818
lxml is a library for processing XML and HTML in the Python language. ...
GHSA-75jm-2xrg-5wpf
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.
BDU:2022-02302
Уязвимость модуля urllib.parse интерпретатора языка программирования Python, позволяющая нарушителю внедрить произвольные данные в ответ сервера
RLSA-2022:1932
Moderate: python-lxml security update
RLSA-2022:1763
Moderate: python39:3.9 and python39-devel:3.9 security update
GHSA-55x5-fj6c-h6m8
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
ELSA-2022-1932
ELSA-2022-1932: python-lxml security update (MODERATE)
ELSA-2022-1763
ELSA-2022-1763: python39:3.9 and python39-devel:3.9 security update (MODERATE)
BDU:2022-00756
Уязвимость реализации модуля Class Cleaner библиотеки для обработки разметки XML и HTML Lxml, позволяющая нарушителю осуществлять межсайтовые сценарные атаки
SUSE-SU-2022:1140-1
Security update for python
SUSE-SU-2022:0882-1
Security update for python3
ROS-20220407-03
Множественные уязвимости Python
ELSA-2023-3550
ELSA-2023-3550: python security update (IMPORTANT)
ELSA-2022-6457
ELSA-2022-6457: python3 security update (MODERATE)
ROS-20220125-14
Уязвимость библиотеки Lxml
openSUSE-SU-2022:1091-1
Security update for python
SUSE-SU-2022:1091-1
Security update for python
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-43818 lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. | CVSS3: 8.8 | 3% Низкий | больше 3 лет назад |
 | CVE-2021-43818 lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. | CVSS3: 8.2 | 3% Низкий | больше 3 лет назад |
 | CVSS3: 7.1 | 3% Низкий | больше 3 лет назад | |
| CVE-2021-43818 lxml is a library for processing XML and HTML in the Python language. ... | CVSS3: 8.2 | 3% Низкий | больше 3 лет назад |
| GHSA-75jm-2xrg-5wpf A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. | 1% Низкий | больше 3 лет назад | |
 | BDU:2022-02302 Уязвимость модуля urllib.parse интерпретатора языка программирования Python, позволяющая нарушителю внедрить произвольные данные в ответ сервера | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | RLSA-2022:1932 Moderate: python-lxml security update | 3% Низкий | около 3 лет назад | |
| RLSA-2022:1763 Moderate: python39:3.9 and python39-devel:3.9 security update | 3% Низкий | около 3 лет назад | |
| GHSA-55x5-fj6c-h6m8 lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through | CVSS3: 8.2 | 3% Низкий | больше 3 лет назад |
| ELSA-2022-1932 ELSA-2022-1932: python-lxml security update (MODERATE) | около 3 лет назад | ||
| ELSA-2022-1763 ELSA-2022-1763: python39:3.9 and python39-devel:3.9 security update (MODERATE) | около 3 лет назад | ||
| BDU:2022-00756 Уязвимость реализации модуля Class Cleaner библиотеки для обработки разметки XML и HTML Lxml, позволяющая нарушителю осуществлять межсайтовые сценарные атаки | CVSS3: 8.2 | 3% Низкий | больше 3 лет назад |
 | SUSE-SU-2022:1140-1 Security update for python | около 3 лет назад | ||
| SUSE-SU-2022:0882-1 Security update for python3 | больше 3 лет назад | ||
 | ROS-20220407-03 Множественные уязвимости Python | около 3 лет назад | ||
| ELSA-2023-3550 ELSA-2023-3550: python security update (IMPORTANT) | почти 2 года назад | ||
| ELSA-2022-6457 ELSA-2022-6457: python3 security update (MODERATE) | почти 3 года назад | ||
| ROS-20220125-14 Уязвимость библиотеки Lxml | 3% Низкий | больше 3 лет назад | |
| openSUSE-SU-2022:1091-1 Security update for python | около 3 лет назад | ||
| SUSE-SU-2022:1091-1 Security update for python | около 3 лет назад |
Уязвимостей на страницу