Oval Definition:oval:org.opensuse.security:def:100094
Revision Date:2022-03-10Version:1
Title: (Important)
Description:

This update for python-lxml fixes the following issues:

- CVE-2018-19787: Fixed XSS vulnerability via unescaped URL (bsc#1118088). - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped (bsc#1184177). - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs (bnc#1193752). - CVE-2020-27783: Fixed mutation XSS with improper parser use (bnc#1179534).
Family:unixClass:patch
Status:Reference(s):1118088
1179534
1184177
1190487
1190488
1190489
1193752
CVE-2018-19787
CVE-2020-27783
CVE-2021-28957
CVE-2021-4009
CVE-2021-4010
CVE-2021-4011
CVE-2021-43818
SUSE-SU-2021:4122-1
Platform(s):Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
SUSE Enterprise Storage 6
Product(s):
Definition Synopsis
  • SUSE Enterprise Storage 6 is installed
  • AND Package Information
  • xorg-x11-server-1.20.3-14.5.22.1 is installed
  • OR xorg-x11-server-extra-1.20.3-14.5.22.1 is installed
  • OR xorg-x11-server-sdk-1.20.3-14.5.22.1 is installed
  • Definition Synopsis
  • Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure is installed
  • AND python3-lxml-4.7.1-3.7.1 is installed
  • BACK