[openSUSE-SU-2022:0803-1] Security update for python-lxml
Severity
Important
Affected Packages
16
CVEs
4
Security update for python-lxml
This update for python-lxml fixes the following issues:
- CVE-2018-19787: Fixed XSS vulnerability via unescaped URL (bsc#1118088).
- CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped (bsc#1184177).
- CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs (bnc#1193752).
- CVE-2020-27783: Fixed mutation XSS with improper parser use (bnc#1179534).
- ID
- openSUSE-SU-2022:0803-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CXPBEANDVGCE6ASRYRQYWM4CLYAJ6TAE/
- Published
-
2022-03-10T16:36:12
(2 years ago) - Modified
-
2022-03-10T16:36:12
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2023-1709
- ALAS2-2021-1666
- ALAS2-2023-1956
- ALAS2-2024-2620
- ALPINE:CVE-2020-27783
- ALPINE:CVE-2021-28957
- ALPINE:CVE-2021-43818
- ALSA-2021:1761
- ALSA-2021:1879
- ALSA-2021:4151
- ALSA-2021:4158
- ALSA-2021:4160
- ALSA-2021:4162
- ALSA-2022:1763
- ALSA-2022:1764
- ALSA-2022:1821
- ALSA-2022:1932
- ASA-202012-1
- DSA-4810-1
- DSA-4880-1
- DSA-5043-1
- ELSA-2021-1761
- ELSA-2021-1879
- ELSA-2021-1898
- ELSA-2021-4151
- ELSA-2021-4160
- ELSA-2021-4162
- ELSA-2022-1763
- ELSA-2022-1764
- ELSA-2022-1821
- ELSA-2022-1932
- ELSA-2022-9341
- FEDORA-2018-4be0428ab2
- FEDORA-2018-67e98d4b7a
- FEDORA-2020-0e055ea503
- FEDORA-2020-307946cfb6
- FEDORA-2021-28723f9670
- FEDORA-2021-4cdb0f68c7
- FEDORA-2021-6e8fb79f90
- FEDORA-2021-9f9e7c5c4f
- FEDORA-2022-7129fbaeed
- FEDORA-2022-96c79bf003
- GLSA-202208-06
- MS:CVE-2018-19787
- MS:CVE-2020-27783
- MS:CVE-2021-28957
- MS:CVE-2021-43818
- PYSEC-2018-12
- PYSEC-2020-62
- PYSEC-2021-19
- PYSEC-2021-852
- RHSA-2021:1761
- RHSA-2021:1879
- RHSA-2021:1898
- RHSA-2021:4151
- RHSA-2021:4158
- RHSA-2021:4160
- RHSA-2021:4162
- RHSA-2022:1763
- RHSA-2022:1764
- RHSA-2022:1821
- RHSA-2022:1932
- RLSA-2021:1761
- RLSA-2021:1879
- RLSA-2021:4151
- RLSA-2021:4160
- RLSA-2021:4162
- RLSA-2022:1763
- RLSA-2022:1764
- RLSA-2022:1821
- RLSA-2022:1932
- RLSA-2022:5498
- SUSE-SU-2022:0803-1
- SUSE-SU-2022:0895-1
- SUSE-SU-2022:1536-1
- SUSE-SU-2022:1729-1
- SUSE-SU-2022:3460-1
- SUSE-SU-2022:3461-1
- SUSE-SU-2022:3836-1
- SUSE-SU-2022:3934-1
- SUSE-SU-2022:3937-1
- USN-3841-1
- USN-3841-2
- USN-4666-1
- USN-4666-2
- USN-4896-1
- USN-4896-2
- USN-5225-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/python3-lxml?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | python3-lxml | < 4.7.1-3.7.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/python3-lxml?arch=s390x&distro=opensuse-leap-15.3 | opensuse | python3-lxml | < 4.7.1-3.7.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/python3-lxml?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | python3-lxml | < 4.7.1-3.7.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/python3-lxml?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | python3-lxml | < 4.7.1-3.7.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/python3-lxml-devel?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | python3-lxml-devel | < 4.7.1-3.7.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/python3-lxml-devel?arch=s390x&distro=opensuse-leap-15.3 | opensuse | python3-lxml-devel | < 4.7.1-3.7.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/python3-lxml-devel?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | python3-lxml-devel | < 4.7.1-3.7.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/python3-lxml-devel?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | python3-lxml-devel | < 4.7.1-3.7.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/python2-lxml?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | python2-lxml | < 4.7.1-3.7.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/python2-lxml?arch=s390x&distro=opensuse-leap-15.3 | opensuse | python2-lxml | < 4.7.1-3.7.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/python2-lxml?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | python2-lxml | < 4.7.1-3.7.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/python2-lxml?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | python2-lxml | < 4.7.1-3.7.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/python2-lxml-devel?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | python2-lxml-devel | < 4.7.1-3.7.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/python2-lxml-devel?arch=s390x&distro=opensuse-leap-15.3 | opensuse | python2-lxml-devel | < 4.7.1-3.7.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/python2-lxml-devel?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | python2-lxml-devel | < 4.7.1-3.7.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/python2-lxml-devel?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | python2-lxml-devel | < 4.7.1-3.7.1 | opensuse-leap-15.3 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |