Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DLA-0009-1
HistoryJun 26, 2014 - 12:00 a.m.

lxml - security update

2014-06-2600:00:00
Google
osv.dev
11

0.013 Low

EPSS

Percentile

86.0%

JSON

It was discovered that clean_html() function of lxml (pythonic bindings
for the libxml2 and libxslt libraries) performed insufficient sanitisation
for some non-printable characters. This could lead to cross-site
scripting.

For Debian 6 Squeeze, these issues have been fixed in lxml version 2.2.8-2+deb6u1

CPENameOperatorVersion
lxmleq2.2.8-2

Related

openvas 17
osv 6
debian 4
ubuntu 1
prion 2
cvelist 2
debiancve 2
cve 2
nessus 25
nvd 2
mageia 1
ubuntucve 2
github 2
redhatcve 1
securityvulns 1
ibm 1
openvas
openvas
Ubuntu: Security Advisory (USN-2217-1)
2014-05-26 00:00:00
Debian: Security Advisory (DLA-1604-1)
2018-12-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1282-1)
2021-06-09 00:00:00
osv
osv
PYSEC-2014-9
2014-05-14 19:55:00
lxml - security update
2014-06-01 00:00:00
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
debian
debian
lxml security update
2014-06-26 17:10:22
lxml security update
2014-06-26 17:16:35
[SECURITY] [DSA 2941-1] lxml security update
2014-06-01 08:36:18
ubuntu
ubuntu
lxml vulnerability
2014-05-21 00:00:00
prion
prion
Cross site scripting
2014-05-14 19:55:00
Design/Logic Flaw
2018-12-02 10:29:00
cvelist
cvelist
CVE-2014-3146
2014-05-14 19:00:00
CVE-2018-19787
2018-12-02 10:00:00
debiancve
debiancve
CVE-2014-3146
2014-05-14 19:55:11
CVE-2018-19787
2018-12-02 10:29:00
cve
cve
CVE-2014-3146
2014-05-14 19:55:11
CVE-2018-19787
2018-12-02 10:29:00
nessus
nessus
Mandriva Linux Security Advisory : python-lxml (MDVSA-2014:088)
2014-05-16 00:00:00
SuSE 11.3 Security Update : python-lxml (SAT Patch Number 9821)
2014-10-11 00:00:00
Mandriva Linux Security Advisory : python-lxml (MDVSA-2015:112)
2015-03-30 00:00:00
nvd
nvd
CVE-2014-3146
2014-05-14 19:55:11
CVE-2018-19787
2018-12-02 10:29:00
mageia
mageia
Updated python-lxml package fix CVE-2014-3146
2014-05-15 02:10:47
ubuntucve
ubuntucve
CVE-2014-3146
2014-05-14 00:00:00
CVE-2018-19787
2018-12-02 00:00:00
github
github
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
Improper Neutralization of Input During Web Page Generation in LXML
2022-05-13 01:13:21
redhatcve
redhatcve
CVE-2018-19787
2018-12-17 23:08:11
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2014-05-10 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16

0.013 Low

EPSS

Percentile

86.0%

JSON
Related for OSV:DLA-0009-1
openvas17osv6debian4ubuntu1prion2cvelist2debiancve2cve2nessus25nvd2mageia1ubuntucve2github2redhatcve1securityvulns1ibm1