what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2020-27783

Status Candidate

Overview

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.

Related Files

Red Hat Security Advisory 2021-3254-01
Posted Aug 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3254-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, cross site scripting, denial of service, information leakage, integer overflow, and traversal vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss, python
systems | linux, redhat
advisories | CVE-2020-25659, CVE-2020-27619, CVE-2020-27783, CVE-2020-28493, CVE-2020-36242, CVE-2021-20095, CVE-2021-23336, CVE-2021-28957, CVE-2021-29921, CVE-2021-3177, CVE-2021-33503, CVE-2021-3426, CVE-2021-3572
MD5 | 70a4248bf0bf2e0433ba6e3b6f69dd2b
Red Hat Security Advisory 2021-2479-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2479-01 - Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-13012, CVE-2019-14866, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13543, CVE-2020-13584, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-25659, CVE-2020-25678, CVE-2020-26116, CVE-2020-26137, CVE-2020-27618, CVE-2020-27619, CVE-2020-27783, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-36242, CVE-2020-8231
MD5 | ab1ddf71e1b9a05b6be7d4ee52a51220
Red Hat Security Advisory 2021-1879-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1879-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, crlf injection, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, xss, python
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-27783, CVE-2021-3177
MD5 | dd379da9015a34f017fb9dcca19fa7d2
Red Hat Security Advisory 2021-1898-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1898-01 - lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss, python
systems | linux, redhat
advisories | CVE-2020-27783
MD5 | 26483f7d3b0e3179ed1bc991287ee12e
Red Hat Security Advisory 2021-1761-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1761-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include buffer overflow, crlf injection, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, xss, python
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-26137, CVE-2020-27783, CVE-2021-3177
MD5 | ac197e885543e428920a0f5c6ea5cfe9
Ubuntu Security Notice USN-4666-2
Posted Dec 11, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4666-2 - USN-4666-1 partially fixed a vulnerability in lxml, but an additional patch was needed. This update provides the corresponding additional patch in order to properly fix the vulnerability. It was discovered that lxml incorrectly handled certain HTML. An attacker could possibly use this issue to cross-site scripting attacks.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2020-27783
MD5 | 3795fad2ebbcace586aa3ec37a6a6597
Ubuntu Security Notice USN-4666-1
Posted Dec 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4666-1 - It was discovered that lxml incorrectly handled certain HTML. An attacker could possibly use this issue to cross-site scripting attacks.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2020-27783
MD5 | e97ad9d2b142cb39ff0e56851b058ee8
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close