Oval Definition:oval:org.opensuse.security:def:99499
Revision Date:2022-03-10Version:1
Title: (Important)
Description:

This update for python-lxml fixes the following issues:

- CVE-2018-19787: Fixed XSS vulnerability via unescaped URL (bsc#1118088). - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped (bsc#1184177). - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs (bnc#1193752). - CVE-2020-27783: Fixed mutation XSS with improper parser use (bnc#1179534).
Family:unixClass:patch
Status:Reference(s):1118088
1179534
1180554
1184177
1193752
CVE-2018-19787
CVE-2020-27783
CVE-2020-8287
CVE-2021-28957
CVE-2021-43818
SUSE-SU-2021:0224-1
Platform(s):Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
SUSE Linux Enterprise Server 15 SP1-LTSS
Product(s):
Definition Synopsis
  • Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM is installed
  • AND python3-lxml-4.7.1-3.7.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15 SP1-LTSS is installed
  • AND Package Information
  • nodejs8-8.17.0-3.42.2 is installed
  • OR nodejs8-devel-8.17.0-3.42.2 is installed
  • OR nodejs8-docs-8.17.0-3.42.2 is installed
  • OR npm8-8.17.0-3.42.2 is installed
    • BACK