Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-xvp8-3mhv-424c
  • PyPI/lxml-html-clean
 lxml-html-clean has <base> tag injection through default Cleaner configuration 02 Mar
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-hw26-mmpg-fqfg
  • PyPI/lxml-html-clean
 lxml-html-clean has CSS @import Filter Bypass via Unicode Escapes 02 Mar
  • Fix available
  • Severity - 6.1 (Medium)
PYSEC-2024-160
  • PyPI/lxml-html-clean
  • github.com/fedora-python/lxml_html_clean
 See record for full details 19 Nov 2024
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-5jfw-gq64-q45f
  • PyPI/lxml-html-clean
 HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through 19 Nov 2024
  • Fix available
  • Severity - 7.7 (High)
GHSA-wrxv-2j5q-m38w
  • PyPI/lxml
 lxml NULL Pointer Dereference allows attackers to cause a denial of service 06 Jul 2022
  • Fix available
  • Severity - 6.9 (Medium)
PYSEC-2022-230
  • PyPI/lxml
  • github.com/lxml/lxml
 See record for full details 05 Jul 2022
  • Fix available
GHSA-57qw-cc2g-pv5p
  • PyPI/lxml
 lxml Cross-site Scripting Via Control Characters 14 May 2022
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-xp26-p53h-6h2p
  • PyPI/lxml
 Improper Neutralization of Input During Web Page Generation in LXML 13 May 2022
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2021-852
  • PyPI/lxml
  • github.com/lxml/lxml
  • github.com/lxml/lxml#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776
 See record for full details 13 Dec 2021
  • Fix available
GHSA-55x5-fj6c-h6m8
  • PyPI/lxml
 lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through 13 Dec 2021
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-jq4v-f5q6-mjqq
  • PyPI/lxml
 lxml vulnerable to Cross-Site Scripting 22 Mar 2021
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2021-19
  • PyPI/lxml
  • github.com/lxml/lxml
 See record for full details 21 Mar 2021
  • Fix available
GHSA-pgww-xf46-h92r
  • PyPI/lxml
 lxml vulnerable to Cross-site Scripting 07 Jan 2021
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2020-62
  • PyPI/lxml
 See record for full details 03 Dec 2020
  • Fix available
PYSEC-2018-12
  • PyPI/lxml
  • github.com/lxml/lxml
 See record for full details 02 Dec 2018
  • Fix available
PYSEC-2014-9
  • PyPI/lxml
 See record for full details 14 May 2014
  • Fix available