Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-3146HistoryMay 14, 2014 - 7:55 p.m.
CVE-2014-3146
2014-05-1419:55:11
Debian Security Bug Tracker
security-tracker.debian.org
17
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.013 Low
EPSS
Percentile
86.0%
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | lxml | < 3.3.5-1 | lxml_3.3.5-1_all.deb |
| Debian | 11 | all | lxml | < 3.3.5-1 | lxml_3.3.5-1_all.deb |
| Debian | 999 | all | lxml | < 3.3.5-1 | lxml_3.3.5-1_all.deb |
| Debian | 13 | all | lxml | < 3.3.5-1 | lxml_3.3.5-1_all.deb |
Related
openvas
openvas
Debian Security Advisory DSA 2941-1 (lxml - security update)
2014-06-01 00:00:00
Ubuntu: Security Advisory (USN-2217-1)
2014-05-26 00:00:00
Debian: Security Advisory (DLA-1604-1)
2018-12-10 00:00:00
osv
osv
lxml - security update
2014-06-01 00:00:00
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
PYSEC-2014-9
2014-05-14 19:55:00
prion
prion
Cross site scripting
2014-05-14 19:55:00
Design/Logic Flaw
2018-12-02 10:29:00
cvelist
cvelist
CVE-2014-3146
2014-05-14 19:00:00
CVE-2018-19787
2018-12-02 10:00:00
debian
debian
lxml security update
2014-06-26 17:16:35
[SECURITY] [DSA 2941-1] lxml security update
2014-06-01 08:36:18
lxml security update
2014-06-26 17:10:22
ubuntucve
ubuntucve
CVE-2014-3146
2014-05-14 00:00:00
CVE-2018-19787
2018-12-02 00:00:00
github
github
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
Improper Neutralization of Input During Web Page Generation in LXML
2022-05-13 01:13:21
nessus
nessus
Ubuntu 14.04 LTS : lxml vulnerability (USN-2217-1)
2014-05-22 00:00:00
Debian DSA-2941-1 : lxml - security update
2014-06-03 00:00:00
Mandriva Linux Security Advisory : python-lxml (MDVSA-2014:088)
2014-05-16 00:00:00
mageia
mageia
Updated python-lxml package fix CVE-2014-3146
2014-05-15 02:10:47
ubuntu
ubuntu
lxml vulnerability
2014-05-21 00:00:00
cve
cve
CVE-2014-3146
2014-05-14 19:55:11
CVE-2018-19787
2018-12-02 10:29:00
nvd
nvd
CVE-2014-3146
2014-05-14 19:55:11
CVE-2018-19787
2018-12-02 10:29:00
debiancve
debiancve
CVE-2018-19787
2018-12-02 10:29:00
redhatcve
redhatcve
CVE-2018-19787
2018-12-17 23:08:11
securityvulns
securityvulns
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.013 Low
EPSS
Percentile
86.0%
Related for DEBIANCVE:CVE-2014-3146