Oval Definition:
oval:org.opensuse.security:def:118841
Revision Date
:
2022-03-10
Version
:
1
Title
:
Security update for python-lxml (Important)
Description
:
This update for python-lxml fixes the following issues:
- CVE-2018-19787: Fixed XSS vulnerability via unescaped URL (bsc#1118088). - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped (bsc#1184177). - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs (bnc#1193752). - CVE-2020-27783: Fixed mutation XSS with improper parser use (bnc#1179534).
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1118088
1179534
1184177
1193752
CVE-2018-19787
CVE-2020-27783
CVE-2021-28957
CVE-2021-43818
SUSE-SU-2022:0803-1
Platform(s)
:
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS is installed
AND
Package Information
python2-lxml-4.7.1-3.7.1 is installed
OR
python2-lxml-devel-4.7.1-3.7.1 is installed
OR
python3-lxml-4.7.1-3.7.1 is installed
OR
python3-lxml-devel-4.7.1-3.7.1 is installed
BACK