Количество 10
Количество 10
CVE-2018-19787
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.
CVE-2018-19787
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.
CVE-2018-19787
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.
CVE-2018-19787
CVE-2018-19787
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in th ...
GHSA-xp26-p53h-6h2p
Improper Neutralization of Input During Web Page Generation in LXML
BDU:2019-02732
Уязвимость компонента lxml/html/clean.py модуля lxml.html.clean библиотеки для обработки разметки XML и HTML Lxml, позволяющая нарушителю осуществлять межсайтовые сценарные атаки
openSUSE-SU-2022:0803-1
Security update for python-lxml
SUSE-SU-2022:0895-1
Security update for python-lxml
SUSE-SU-2022:0803-1
Security update for python-lxml
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-19787 An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146. | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
 | CVE-2018-19787 An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146. | CVSS3: 4.7 | 0% Низкий | почти 7 лет назад |
 | CVE-2018-19787 An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146. | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
 | CVSS3: 6.1 | 0% Низкий | около 4 лет назад | |
| CVE-2018-19787 An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in th ... | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
| GHSA-xp26-p53h-6h2p Improper Neutralization of Input During Web Page Generation in LXML | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
 | BDU:2019-02732 Уязвимость компонента lxml/html/clean.py модуля lxml.html.clean библиотеки для обработки разметки XML и HTML Lxml, позволяющая нарушителю осуществлять межсайтовые сценарные атаки | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
 | openSUSE-SU-2022:0803-1 Security update for python-lxml | больше 3 лет назад | ||
| SUSE-SU-2022:0895-1 Security update for python-lxml | больше 3 лет назад | ||
| SUSE-SU-2022:0803-1 Security update for python-lxml | больше 3 лет назад |
Уязвимостей на страницу