[FEDORA-2021-28723f9670] Fedora 34: python-lxml
Severity
Medium
Affected Packages
1
CVEs
1
Rebase to version 4.6.3. Fix CVE-2021-28957: missing input sanitization for
formaction HTML5 attributes may lead to XSS
Package | Affected Version |
---|---|
pkg:rpm/fedora/python-lxml?distro=fedora-34 | < 4.6.3.1.fc34 |
- ID
- FEDORA-2021-28723f9670
- Severity
- medium
- Severity from
- CVE-2021-28957
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2021-28723f9670
- Published
-
2021-05-28T01:01:22
(3 years ago) - Modified
-
2021-05-28T01:01:22
(3 years ago) - Rights
- Copyright 2021 Red Hat, Inc.
- Other Advisories
-
- ALAS2-2024-2620
- ALPINE:CVE-2021-28957
- ALSA-2021:4151
- ALSA-2021:4158
- ALSA-2021:4160
- ALSA-2021:4162
- DSA-4880-1
- ELSA-2021-4151
- ELSA-2021-4160
- ELSA-2021-4162
- ELSA-2022-9341
- FEDORA-2021-4cdb0f68c7
- GLSA-202208-06
- MS:CVE-2021-28957
- openSUSE-SU-2022:0803-1
- PYSEC-2021-19
- RHSA-2021:4151
- RHSA-2021:4158
- RHSA-2021:4160
- RHSA-2021:4162
- RLSA-2021:4151
- RLSA-2021:4160
- RLSA-2021:4162
- SUSE-SU-2022:0803-1
- SUSE-SU-2022:0895-1
- SUSE-SU-2022:1536-1
- SUSE-SU-2022:1729-1
- SUSE-SU-2022:3836-1
- SUSE-SU-2022:3934-1
- SUSE-SU-2022:3937-1
- USN-4896-1
- USN-4896-2
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1941534 | Bug #1941534 - CVE-2021-28957 python-lxml: missing input sanitization for formaction HTML5 attributes may lead to XSS | https://bugzilla.redhat.com/show_bug.cgi?id=1941534 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/python-lxml?distro=fedora-34 | fedora | python-lxml | < 4.6.3.1.fc34 | fedora-34 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |