Lucene search
Gentoo FoundationMGASA-2021-0595HistoryDec 30, 2021 - 7:41 p.m.
Updated python-lxml packages fix security vulnerability
2021-12-3019:41:51
Gentoo Foundation
advisories.mageia.org
18
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
0.006 Low
EPSS
Percentile
78.0%
HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 8 | noarch | python-lxml | < 4.6.5-1 | python-lxml-4.6.5-1.mga8 |
Related
amazon
amazon
Important: python-lxml
2023-02-17 00:12:00
Important: python-lxml
2023-03-17 15:53:00
nessus
nessus
Rocky Linux 8 : python-lxml (RLSA-2022:1932)
2023-11-07 00:00:00
CentOS 8 : python-lxml (CESA-2022:1932)
2022-05-10 00:00:00
EulerOS 2.0 SP3 : python-lxml (EulerOS-SA-2022-1758)
2022-05-26 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-43818 affecting package python-lxml 4.6.3-1
2022-01-10 03:59:19
CVE-2021-43818 affecting package python-lxml for versions less than 4.8.0-1
2022-04-26 19:57:36
openvas
openvas
Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2022-2064)
2022-07-14 00:00:00
Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2022-2036)
2022-07-14 00:00:00
Fedora: Security Advisory for mingw-python-lxml (FEDORA-2021-9f9e7c5c4f)
2021-12-27 00:00:00
ubuntucve
ubuntucve
CVE-2021-43818
2021-12-13 00:00:00
almalinux
almalinux
Moderate: python-lxml security update
2022-05-10 08:08:19
Moderate: python39:3.9 and python39-devel:3.9 security update
2022-05-10 08:00:02
Moderate: python38:3.8 and python38-devel:3.8 security update
2022-05-10 06:23:23
osv
osv
lxml - security update
2021-12-30 00:00:00
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
2021-12-13 18:14:36
CVE-2021-43818
2021-12-13 18:15:08
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in lxml (CVE-2021-43818)
2023-01-12 21:59:00
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
2023-06-16 15:20:09
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-03-27 19:39:32
redhat
redhat
(RHSA-2022:1664) Moderate: Red Hat Software Collections security update
2022-05-02 07:48:56
(RHSA-2022:1932) Moderate: python-lxml security update
2022-05-10 08:08:19
redos
redos
ROS-20220125-14
2022-01-25 00:00:00
debiancve
debiancve
CVE-2021-43818
2021-12-13 18:15:08
fedora
fedora
[SECURITY] Fedora 35 Update: python-lxml-4.6.5-1.fc35
2022-01-15 01:22:48
[SECURITY] Fedora 34 Update: python-lxml-4.6.5-1.fc34
2022-01-23 01:06:23
[SECURITY] Fedora 35 Update: mingw-python-lxml-4.6.5-1.fc35
2021-12-26 01:27:14
oraclelinux
oraclelinux
python-lxml security update
2022-05-17 00:00:00
python39:3.9 and python39-devel:3.9 security update
2022-05-17 00:00:00
python38:3.8 and python38-devel:3.8 security update
2022-05-17 00:00:00
debian
debian
[SECURITY] [DLA 2871-1] lxml security update
2021-12-30 17:05:05
[SECURITY] [DSA 5043-1] lxml security update
2022-01-12 21:59:01
cve
cve
CVE-2021-43818
2021-12-13 18:15:08
cvelist
cvelist
redhatcve
redhatcve
CVE-2021-43818
2021-12-14 18:18:50
veracode
veracode
Cross-site Scripting (XSS)
2021-12-14 02:31:11
ubuntu
ubuntu
lxml vulnerability
2022-01-12 00:00:00
rocky
rocky
python39:3.9 and python39-devel:3.9 security update
2022-05-10 08:00:02
python-lxml security update
2022-05-10 08:08:19
python38:3.8 and python38-devel:3.8 security update
2022-05-10 06:23:23
github
github
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
2021-12-13 18:14:36
alpinelinux
alpinelinux
CVE-2021-43818
2021-12-13 18:15:08
prion
prion
Hardcoded credentials
2021-12-13 18:15:00
nvd
nvd
CVE-2021-43818
2021-12-13 18:15:08
gentoo
gentoo
lxml: Multiple Vulnerabilities
2022-08-10 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0144
2022-01-05 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0144
2022-01-11 00:00:00
Critical Photon OS Security Update - PHSA-2022-0358
2022-02-07 00:00:00
suse
suse
Security update for python-lxml (important)
2022-03-10 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
0.006 Low
EPSS
Percentile
78.0%
Related for MGASA-2021-0595