Lucene search
Redhat.comRH:CVE-2018-19787HistoryDec 17, 2018 - 11:08 p.m.
CVE-2018-19787
2018-12-1723:08:11
redhat.com
access.redhat.com
15
0.013 Low
EPSS
Percentile
86.0%
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by “j a v a s c r i p t:” in Internet Explorer. This is a similar issue to CVE-2014-3146.
Related
nessus
nessus
Debian DLA-1604-1 : lxml security update
2018-12-11 00:00:00
EulerOS 2.0 SP8 : python-lxml (EulerOS-SA-2020-2529)
2020-12-14 00:00:00
osv
osv
CVE-2018-19787
2018-12-02 10:29:00
PYSEC-2018-12
2018-12-02 10:29:00
Improper Neutralization of Input During Web Page Generation in LXML
2022-05-13 01:13:21
openvas
openvas
Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2020-2235)
2020-10-21 00:00:00
Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2020-2529)
2020-12-15 00:00:00
Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2020-2236)
2020-10-21 00:00:00
nvd
nvd
CVE-2018-19787
2018-12-02 10:29:00
CVE-2014-3146
2014-05-14 19:55:11
debian
debian
[SECURITY] [DLA 1604-1] lxml security update
2018-12-10 08:47:41
lxml security update
2014-06-26 17:16:35
[SECURITY] [DSA 2941-1] lxml security update
2014-06-01 08:36:18
cve
cve
CVE-2018-19787
2018-12-02 10:29:00
CVE-2014-3146
2014-05-14 19:55:11
github
github
Improper Neutralization of Input During Web Page Generation in LXML
2022-05-13 01:13:21
lxml Cross-site Scripting Via Control Characters
2022-05-14 04:01:59
ubuntucve
ubuntucve
CVE-2018-19787
2018-12-02 00:00:00
CVE-2014-3146
2014-05-14 00:00:00
prion
prion
Design/Logic Flaw
2018-12-02 10:29:00
Cross site scripting
2014-05-14 19:55:00
cvelist
cvelist
CVE-2018-19787
2018-12-02 10:00:00
CVE-2014-3146
2014-05-14 19:00:00
debiancve
debiancve
CVE-2018-19787
2018-12-02 10:29:00
CVE-2014-3146
2014-05-14 19:55:11
veracode
veracode
Cross-Site Scripting (XSS)
2018-09-19 01:17:20
fedora
fedora
[SECURITY] Fedora 29 Update: python-lxml-4.2.5-1.fc29
2018-12-21 19:42:19
[SECURITY] Fedora 28 Update: python-lxml-4.2.5-1.fc28
2019-01-03 02:27:09
cbl_mariner
cbl_mariner
CVE-2018-19787 affecting package python-lxml 4.2.4-7
2021-08-11 06:39:25
CVE-2018-19787 affecting package python-lxml for versions less than 4.8.0-1
2022-04-26 19:57:36
ubuntu
ubuntu
lxml vulnerability
2018-12-10 00:00:00
lxml vulnerability
2018-12-10 00:00:00
lxml vulnerability
2014-05-21 00:00:00
mageia
mageia
Updated python-lxml packages fix security vulnerability
2019-01-01 01:42:09
Updated python-lxml package fix CVE-2014-3146
2014-05-15 02:10:47
suse
suse
Security update for python-lxml (important)
2022-03-10 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0406
2022-06-17 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0406
2022-06-17 00:00:00
securityvulns
securityvulns
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16