Lucene search
SuseSUSE-SU-2022:3836-1HistoryNov 01, 2022 - 12:00 a.m.
Security update for python-lxml (moderate)
2022-11-0100:00:00
lists.opensuse.org
29
python-lxml
security update
vulnerabilities
xss
html5
attributes
opensuse leap 15.3
patch
EPSS
0.004
Percentile
73.0%
An update that fixes two vulnerabilities is now available.
Description:
This update for python-lxml fixes the following issues:
- CVE-2021-28957: Fixed XSS due to missing input sanitization for HTML5
attributes (bsc#1184177).
- CVE-2020-27783: Fixed XSS due to the use of improper parser
(bsc#1179534).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3836=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.3 | noarch | < - openSUSE Leap 15.3 (noarch): | - openSUSE Leap 15.3 (noarch):.noarch.rpm |
Related
nessus
nessus
openSUSE 15 Security Update : python-lxml (SUSE-SU-2022:3836-1)
2023-01-20 00:00:00
Photon OS 4.0: Python3 PHSA-2021-4.0-0072
2021-08-10 00:00:00
SUSE SLED15 / SLES15 Security Update : python-lxml (SUSE-SU-2022:0803-1)
2022-03-11 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0072
2021-07-28 00:00:00
Moderate Photon OS Security Update - PHSA-2021-4.0-0072
2021-07-29 00:00:00
openvas
openvas
openSUSE: Security Advisory for python-lxml (openSUSE-SU-2022:0803-1)
2022-03-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0803-1)
2022-03-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0895-1)
2022-03-18 00:00:00
suse
suse
Security update for python-lxml (important)
2022-03-10 00:00:00
osv
osv
lxml - security update
2021-03-29 00:00:00
lxml vulnerability
2021-04-08 12:46:21
python36-translate-toolkit-3.3.6-1.3 on GA media
2024-06-15 00:00:00
ubuntucve
ubuntucve
CVE-2021-28957
2021-03-21 00:00:00
CVE-2020-27783
2020-12-03 00:00:00
alpinelinux
alpinelinux
CVE-2021-28957
2021-03-21 05:15:13
CVE-2020-27783
2020-12-03 17:15:13
prion
prion
Cross site scripting
2021-03-21 05:15:00
Cross site scripting
2020-12-03 17:15:00
github
github
lxml vulnerable to Cross-Site Scripting
2021-03-22 16:53:53
lxml vulnerable to Cross-site Scripting
2021-01-07 21:54:01
rocky
rocky
python-lxml security update
2021-11-09 08:26:20
python-lxml security update
2021-05-18 06:21:26
python38:3.8 security update
2021-05-18 06:18:31
cbl_mariner
cbl_mariner
CVE-2020-27783 affecting package python-lxml 4.2.4-7
2021-08-11 06:39:25
CVE-2020-27783 affecting package python-lxml for versions less than 4.8.0-1
2022-04-26 19:57:36
CVE-2021-28957 affecting package python-lxml 4.2.4-7
2021-08-11 06:39:25
fedora
fedora
[SECURITY] Fedora 32 Update: python-lxml-4.4.1-5.fc32
2021-01-14 01:43:47
[SECURITY] Fedora 33 Update: python-lxml-4.5.1-3.fc33
2021-01-14 01:39:59
[SECURITY] Fedora 34 Update: python-lxml-4.6.3-1.fc34
2021-05-28 01:01:22
ubuntu
ubuntu
lxml vulnerability
2020-12-11 00:00:00
lxml vulnerability
2020-12-09 00:00:00
lxml vulnerability
2021-04-08 00:00:00
debiancve
debiancve
CVE-2021-28957
2021-03-21 05:15:13
CVE-2020-27783
2020-12-03 17:15:13
redhatcve
redhatcve
CVE-2021-28957
2021-03-22 10:58:48
CVE-2020-27783
2020-11-25 17:22:50
veracode
veracode
Cross-site Scripting (XSS)
2021-03-22 05:25:18
Cross-site Scripting (XSS)
2020-11-30 02:54:37
mageia
mageia
Updated python-lxml packages fix a security vulnerability
2021-01-17 19:07:01
Updated python-lxml packages fix a security vulnerability
2021-06-14 00:32:39
cve
cve
CVE-2020-27783
2020-12-03 17:15:13
CVE-2021-28957
2021-03-21 05:15:13
oraclelinux
oraclelinux
python-lxml security update
2021-05-25 00:00:00
python38:3.8 security update
2021-05-25 00:00:00
python27:2.7 security and bug fix update
2021-05-25 00:00:00
debian
debian
[SECURITY] [DSA 4810-1] lxml security update
2020-12-13 18:19:20
[SECURITY] [DLA 2467-2] lxml regression update
2020-12-18 13:14:42
[SECURITY] [DSA 4880-1] lxml security update
2021-03-29 16:20:53
nvd
nvd
CVE-2020-27783
2020-12-03 17:15:13
CVE-2021-28957
2021-03-21 05:15:13
cvelist
cvelist
CVE-2021-28957
2021-03-21 04:39:35
CVE-2020-27783
2020-12-03 16:39:41
amazon
amazon
Medium: python-lxml
2024-08-01 03:01:00
Medium: python-lxml
2021-06-16 20:37:00
Important: python-lxml
2023-03-17 15:53:00
almalinux
almalinux
Moderate: python-lxml security update
2021-11-09 08:26:20
Moderate: python38:3.8 security update
2021-05-18 06:18:31
Moderate: python27:2.7 security and bug fix update
2021-05-18 06:02:07
redhat
redhat
(RHSA-2021:4158) Moderate: python-lxml security update
2021-11-09 08:26:20
(RHSA-2021:1898) Moderate: python-lxml security update
2021-05-18 06:21:26
(RHSA-2021:1879) Moderate: python38:3.8 security update
2021-05-18 06:18:31
archlinux
archlinux
[ASA-202012-1] python-lxml: cross-site scripting
2020-12-05 00:00:00
gentoo
gentoo
lxml: Multiple Vulnerabilities
2022-08-10 00:00:00