1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-3841-1

[USN-3841-1] lxml vulnerability

Severity Medium
Affected Packages 9
CVEs 1
Info Packages Vulnerabilities

lxml could allow cross-site scripting (XSS) attacks.

It was discovered that lxml incorrectly handled certain HTML files.
An attacker could possibly use this issue to conduct cross-site scripting
(XSS) attacks.

Package Affected Version
pkg:deb/ubuntu/python3-lxml?distro=xenial < 3.5.0-1ubuntu0.1
pkg:deb/ubuntu/python3-lxml?distro=trusty < 3.3.3-1ubuntu0.2
pkg:deb/ubuntu/python3-lxml?distro=bionic < 4.2.1-1ubuntu0.1
pkg:deb/ubuntu/python-lxml?distro=xenial < 3.5.0-1ubuntu0.1
pkg:deb/ubuntu/python-lxml?distro=trusty < 3.3.3-1ubuntu0.2
pkg:deb/ubuntu/python-lxml?distro=bionic < 4.2.1-1ubuntu0.1
pkg:deb/ubuntu/python-lxml-doc?distro=xenial < 3.5.0-1ubuntu0.1
pkg:deb/ubuntu/python-lxml-doc?distro=trusty < 3.3.3-1ubuntu0.2
pkg:deb/ubuntu/python-lxml-doc?distro=bionic < 4.2.1-1ubuntu0.1
ID
USN-3841-1
Severity
medium
URL
https://ubuntu.com/security/notices/USN-3841-1
Published
2018-12-10T12:03:21
(5 years ago)
Modified
2018-12-10T12:03:21
(5 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/python3-lxml?distro=xenial ubuntu python3-lxml < 3.5.0-1ubuntu0.1 xenial
Affected pkg:deb/ubuntu/python3-lxml?distro=trusty ubuntu python3-lxml < 3.3.3-1ubuntu0.2 trusty
Affected pkg:deb/ubuntu/python3-lxml?distro=bionic ubuntu python3-lxml < 4.2.1-1ubuntu0.1 bionic
Affected pkg:deb/ubuntu/python-lxml?distro=xenial ubuntu python-lxml < 3.5.0-1ubuntu0.1 xenial
Affected pkg:deb/ubuntu/python-lxml?distro=trusty ubuntu python-lxml < 3.3.3-1ubuntu0.2 trusty
Affected pkg:deb/ubuntu/python-lxml?distro=bionic ubuntu python-lxml < 4.2.1-1ubuntu0.1 bionic
Affected pkg:deb/ubuntu/python-lxml-doc?distro=xenial ubuntu python-lxml-doc < 3.5.0-1ubuntu0.1 xenial
Affected pkg:deb/ubuntu/python-lxml-doc?distro=trusty ubuntu python-lxml-doc < 3.3.3-1ubuntu0.2 trusty
Affected pkg:deb/ubuntu/python-lxml-doc?distro=bionic ubuntu python-lxml-doc < 4.2.1-1ubuntu0.1 bionic
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date