Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-2941-1
HistoryJun 01, 2014 - 12:00 a.m.

lxml - security update

2014-06-0100:00:00
Google
osv.dev
9

0.013 Low

EPSS

Percentile

86.0%

JSON

It was discovered that clean_html() function of lxml (pythonic bindings
for the libxml2 and libxslt libraries) performed insufficient
sanitisation for some non-printable characters. This could lead to
cross-site scripting.

For the stable distribution (wheezy), this problem has been fixed in
version 2.3.2-1+deb7u1.

For the testing distribution (jessie), this problem has been fixed in
version 3.3.5-1.

For the unstable distribution (sid), this problem has been fixed in
version 3.3.5-1.

We recommend that you upgrade your lxml packages.

CPENameOperatorVersion
lxmleq2.3.2-1

Related

openvas 17
prion 2
cvelist 2
debiancve 2
debian 4
ubuntucve 2
github 2
osv 6
nessus 25
mageia 1
ubuntu 1
cve 2
nvd 2
redhatcve 1
securityvulns 1
ibm 1
openvas
openvas
Debian Security Advisory DSA 2941-1 (lxml - security update)
2014-06-01 00:00:00
Ubuntu: Security Advisory (USN-2217-1)
2014-05-26 00:00:00
Debian: Security Advisory (DLA-1604-1)
2018-12-10 00:00:00
prion
prion
Cross site scripting
2014-05-14 19:55:00
Design/Logic Flaw
2018-12-02 10:29:00
cvelist
cvelist
CVE-2014-3146
2014-05-14 19:00:00
CVE-2018-19787
2018-12-02 10:00:00
debiancve
debiancve
CVE-2014-3146
2014-05-14 19:55:11
CVE-2018-19787
2018-12-02 10:29:00
debian
debian
lxml security update
2014-06-26 17:16:35
[SECURITY] [DSA 2941-1] lxml security update
2014-06-01 08:36:18
lxml security update
2014-06-26 17:10:22
ubuntucve
ubuntucve
CVE-2014-3146
2014-05-14 00:00:00
CVE-2018-19787
2018-12-02 00:00:00
github
github
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
Improper Neutralization of Input During Web Page Generation in LXML
2022-05-13 01:13:21
osv
osv
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
PYSEC-2014-9
2014-05-14 19:55:00
lxml - security update
2014-06-26 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : lxml vulnerability (USN-2217-1)
2014-05-22 00:00:00
Debian DSA-2941-1 : lxml - security update
2014-06-03 00:00:00
Mandriva Linux Security Advisory : python-lxml (MDVSA-2014:088)
2014-05-16 00:00:00
mageia
mageia
Updated python-lxml package fix CVE-2014-3146
2014-05-15 02:10:47
ubuntu
ubuntu
lxml vulnerability
2014-05-21 00:00:00
cve
cve
CVE-2014-3146
2014-05-14 19:55:11
CVE-2018-19787
2018-12-02 10:29:00
nvd
nvd
CVE-2014-3146
2014-05-14 19:55:11
CVE-2018-19787
2018-12-02 10:29:00
redhatcve
redhatcve
CVE-2018-19787
2018-12-17 23:08:11
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2014-05-10 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16

0.013 Low

EPSS

Percentile

86.0%

JSON
Related for OSV:DSA-2941-1
openvas17prion2cvelist2debiancve2debian4ubuntucve2github2osv6nessus25mageia1ubuntu1cve2nvd2redhatcve1securityvulns1ibm1