Oval Definition:
oval:org.opensuse.security:def:100094
Revision Date
:
2022-03-10
Version
:
1
Title
:
(Important)
Description
:
This update for python-lxml fixes the following issues:
- CVE-2018-19787: Fixed XSS vulnerability via unescaped URL (bsc#1118088). - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped (bsc#1184177). - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs (bnc#1193752). - CVE-2020-27783: Fixed mutation XSS with improper parser use (bnc#1179534).
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1118088
1179534
1184177
1190487
1190488
1190489
1193752
CVE-2018-19787
CVE-2020-27783
CVE-2021-28957
CVE-2021-4009
CVE-2021-4010
CVE-2021-4011
CVE-2021-43818
SUSE-SU-2021:4122-1
Platform(s)
:
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
SUSE Enterprise Storage 6
Product(s)
:
Definition Synopsis
SUSE Enterprise Storage 6 is installed
AND
Package Information
xorg-x11-server-1.20.3-14.5.22.1 is installed
OR
xorg-x11-server-extra-1.20.3-14.5.22.1 is installed
OR
xorg-x11-server-sdk-1.20.3-14.5.22.1 is installed
Definition Synopsis
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure is installed
AND
python3-lxml-4.7.1-3.7.1 is installed
BACK