Gentoo Linux Security Advisory 202208-6 - Multiple vulnerabilities have been discovered in lxml, the worst of which could result in denial of service. Versions less than 4.9.1 are affected.
6d9496250c6b1be096da8fdfc2ddf483123bdd7eda3323ea9efa66b39b901e0aRed Hat Security Advisory 2021-4151-06 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.
d49d4e9cc1d8294a10ad07970c659f1d865063f8fbef9fec6dfcfdf770c16f00Red Hat Security Advisory 2021-4160-03 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include cross site scripting, denial of service, and information leakage vulnerabilities.
d4c975c8f0fd0283493287448972680095337bb6113fc44f4837d867665d4273Red Hat Security Advisory 2021-4162-05 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include code execution, cross site scripting, denial of service, double free, information leakage, and traversal vulnerabilities.
e213dc130fe6c0f9ceeb6dbc6201ba34dd61a302b188cea3f4e8ad9fc8057754Red Hat Security Advisory 2021-4158-02 - lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Issues addressed include a cross site scripting vulnerability.
8472376fba7ec24955a7559652e2b49c2c392f70a7459ea15b2eafd3c8add602Red Hat Security Advisory 2021-3254-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, cross site scripting, denial of service, information leakage, integer overflow, and traversal vulnerabilities.
f49b54d77f89082e96a8e69fc49612163d813deff1eacac5d74e788baf88efbfUbuntu Security Notice 4896-2 - USN-4896-1 fixed a vulnerability in lxml. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting attacks. Various other issues were also addressed.
f57a928b1fe28108b633e710e90b344d289d445878c2c1a598eb1bd819ee1877Ubuntu Security Notice 4896-1 - It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting attacks.
93f52472d7a4524528bf2ff0ab669aad6e78f49528a1b838c29d43bc6b763650Debian Linux Security Advisory 4880-1 - Kevin Chung discovered that lxml, a Python binding for the libxml2 and libxslt libraries, did not properly sanitize its input. This would allow a malicious user to mount a cross-site scripting attack.
5a338b50348a8a2cbfdeaaaacc36baa39c17a7577fe75e672133625039e5da13
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed