Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for feedparser by mark_pilgrim
CVE-2012-2921 (GCVE-0-2012-2921)
Vulnerability from nvd – Published: 2012-05-21 22:00 – Updated: 2024-08-06 19:50
VLAI
Summary
Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://osvdb.org/81701 | vdb-entryx_refsource_OSVDB |
| https://code.google.com/p/feedparser/source/brows… | x_refsource_CONFIRM |
| https://wiki.mageia.org/en/Support/Advisories/MGA… | x_refsource_CONFIRM |
| https://code.google.com/p/feedparser/source/detai… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/53654 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://freecode.com/projects/feedparser/releases/344371 | x_refsource_CONFIRM |
| http://secunia.com/advisories/49256 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2012-05-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:04.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81701",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706\u0026r=706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/source/detail?r=703\u0026path=/trunk/feedparser/feedparser.py"
},
{
"name": "53654",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53654"
},
{
"name": "MDVSA-2013:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:118"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://freecode.com/projects/feedparser/releases/344371"
},
{
"name": "49256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-13T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "81701",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706\u0026r=706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/source/detail?r=703\u0026path=/trunk/feedparser/feedparser.py"
},
{
"name": "53654",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53654"
},
{
"name": "MDVSA-2013:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:118"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://freecode.com/projects/feedparser/releases/344371"
},
{
"name": "49256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81701",
"refsource": "OSVDB",
"url": "http://osvdb.org/81701"
},
{
"name": "https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706\u0026r=706",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706\u0026r=706"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157"
},
{
"name": "https://code.google.com/p/feedparser/source/detail?r=703\u0026path=/trunk/feedparser/feedparser.py",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/feedparser/source/detail?r=703\u0026path=/trunk/feedparser/feedparser.py"
},
{
"name": "53654",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53654"
},
{
"name": "MDVSA-2013:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:118"
},
{
"name": "http://freecode.com/projects/feedparser/releases/344371",
"refsource": "CONFIRM",
"url": "http://freecode.com/projects/feedparser/releases/344371"
},
{
"name": "49256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2921",
"datePublished": "2012-05-21T22:00:00.000Z",
"dateReserved": "2012-05-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:50:04.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1158 (GCVE-0-2011-1158)
Vulnerability from nvd – Published: 2011-04-11 18:00 – Updated: 2024-08-06 22:14
VLAI
Summary
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://openwall.com/lists/oss-security/2011/03/14/18 | mailing-listx_refsource_MLIST |
| http://support.novell.com/security/cve/CVE-2011-1… | x_refsource_CONFIRM |
| http://secunia.com/advisories/43730 | third-party-advisoryx_refsource_SECUNIA |
| https://code.google.com/p/feedparser/issues/detai… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/46867 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=684877 | x_refsource_CONFIRM |
| http://secunia.com/advisories/44074 | third-party-advisoryx_refsource_SECUNIA |
| http://openwall.com/lists/oss-security/2011/03/15/11 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-updates/2011-0… | mailing-listx_refsource_MLIST |
| https://bugzilla.novell.com/show_bug.cgi?id=680074 | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
Date Public
2011-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1158.html"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=255"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-04-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1158.html"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=255"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1158",
"datePublished": "2011-04-11T18:00:00.000Z",
"dateReserved": "2011-03-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:14:27.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1157 (GCVE-0-2011-1157)
Vulnerability from nvd – Published: 2011-04-11 18:00 – Updated: 2024-08-06 22:14
VLAI
Summary
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://openwall.com/lists/oss-security/2011/03/14/18 | mailing-listx_refsource_MLIST |
| https://code.google.com/p/feedparser/issues/detai… | x_refsource_CONFIRM |
| http://secunia.com/advisories/43730 | third-party-advisoryx_refsource_SECUNIA |
| http://support.novell.com/security/cve/CVE-2011-1… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/46867 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=684877 | x_refsource_CONFIRM |
| http://secunia.com/advisories/44074 | third-party-advisoryx_refsource_SECUNIA |
| http://openwall.com/lists/oss-security/2011/03/15/11 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-updates/2011-0… | mailing-listx_refsource_MLIST |
| https://bugzilla.novell.com/show_bug.cgi?id=680074 | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
Date Public
2011-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:28.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=254"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1157.html"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-04-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=254"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1157.html"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1157",
"datePublished": "2011-04-11T18:00:00.000Z",
"dateReserved": "2011-03-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:14:28.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1156 (GCVE-0-2011-1156)
Vulnerability from nvd – Published: 2011-04-11 18:00 – Updated: 2024-08-06 22:14
VLAI
Summary
feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service (application crash) via a malformed DOCTYPE declaration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://openwall.com/lists/oss-security/2011/03/14/18 | mailing-listx_refsource_MLIST |
| http://support.novell.com/security/cve/CVE-2011-1… | x_refsource_CONFIRM |
| http://secunia.com/advisories/43730 | third-party-advisoryx_refsource_SECUNIA |
| https://code.google.com/p/feedparser/issues/detai… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/46867 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=684877 | x_refsource_CONFIRM |
| http://secunia.com/advisories/44074 | third-party-advisoryx_refsource_SECUNIA |
| http://openwall.com/lists/oss-security/2011/03/15/11 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-updates/2011-0… | mailing-listx_refsource_MLIST |
| https://bugzilla.novell.com/show_bug.cgi?id=680074 | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
Date Public
2011-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1156.html"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=91"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service (application crash) via a malformed DOCTYPE declaration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-04-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1156.html"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=91"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1156",
"datePublished": "2011-04-11T18:00:00.000Z",
"dateReserved": "2011-03-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:14:27.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5065 (GCVE-0-2009-5065)
Vulnerability from nvd – Published: 2011-04-11 18:00 – Updated: 2024-08-07 07:24
VLAI
Summary
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/47177 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=684877 | x_refsource_CONFIRM |
| http://secunia.com/advisories/44074 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.opensuse.org/opensuse-updates/2011-0… | mailing-listx_refsource_MLIST |
| https://bugzilla.novell.com/show_bug.cgi?id=680074 | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://code.google.com/p/feedparser/issues/detail… | x_refsource_CONFIRM |
| http://support.novell.com/security/cve/CVE-2009-5… | x_refsource_CONFIRM |
Date Public
2009-11-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.017Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "47177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/feedparser/issues/detail?id=195"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2009-5065.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-23T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "47177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/feedparser/issues/detail?id=195"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2009-5065.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5065",
"datePublished": "2011-04-11T18:00:00.000Z",
"dateReserved": "2011-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:24:54.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2921 (GCVE-0-2012-2921)
Vulnerability from cvelistv5 – Published: 2012-05-21 22:00 – Updated: 2024-08-06 19:50
VLAI
Summary
Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://osvdb.org/81701 | vdb-entryx_refsource_OSVDB |
| https://code.google.com/p/feedparser/source/brows… | x_refsource_CONFIRM |
| https://wiki.mageia.org/en/Support/Advisories/MGA… | x_refsource_CONFIRM |
| https://code.google.com/p/feedparser/source/detai… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/53654 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://freecode.com/projects/feedparser/releases/344371 | x_refsource_CONFIRM |
| http://secunia.com/advisories/49256 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2012-05-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:04.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81701",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706\u0026r=706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/source/detail?r=703\u0026path=/trunk/feedparser/feedparser.py"
},
{
"name": "53654",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53654"
},
{
"name": "MDVSA-2013:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:118"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://freecode.com/projects/feedparser/releases/344371"
},
{
"name": "49256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-13T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "81701",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706\u0026r=706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/source/detail?r=703\u0026path=/trunk/feedparser/feedparser.py"
},
{
"name": "53654",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53654"
},
{
"name": "MDVSA-2013:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:118"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://freecode.com/projects/feedparser/releases/344371"
},
{
"name": "49256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81701",
"refsource": "OSVDB",
"url": "http://osvdb.org/81701"
},
{
"name": "https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706\u0026r=706",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706\u0026r=706"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157"
},
{
"name": "https://code.google.com/p/feedparser/source/detail?r=703\u0026path=/trunk/feedparser/feedparser.py",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/feedparser/source/detail?r=703\u0026path=/trunk/feedparser/feedparser.py"
},
{
"name": "53654",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53654"
},
{
"name": "MDVSA-2013:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:118"
},
{
"name": "http://freecode.com/projects/feedparser/releases/344371",
"refsource": "CONFIRM",
"url": "http://freecode.com/projects/feedparser/releases/344371"
},
{
"name": "49256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2921",
"datePublished": "2012-05-21T22:00:00.000Z",
"dateReserved": "2012-05-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:50:04.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1158 (GCVE-0-2011-1158)
Vulnerability from cvelistv5 – Published: 2011-04-11 18:00 – Updated: 2024-08-06 22:14
VLAI
Summary
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://openwall.com/lists/oss-security/2011/03/14/18 | mailing-listx_refsource_MLIST |
| http://support.novell.com/security/cve/CVE-2011-1… | x_refsource_CONFIRM |
| http://secunia.com/advisories/43730 | third-party-advisoryx_refsource_SECUNIA |
| https://code.google.com/p/feedparser/issues/detai… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/46867 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=684877 | x_refsource_CONFIRM |
| http://secunia.com/advisories/44074 | third-party-advisoryx_refsource_SECUNIA |
| http://openwall.com/lists/oss-security/2011/03/15/11 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-updates/2011-0… | mailing-listx_refsource_MLIST |
| https://bugzilla.novell.com/show_bug.cgi?id=680074 | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
Date Public
2011-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1158.html"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=255"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-04-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1158.html"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=255"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1158",
"datePublished": "2011-04-11T18:00:00.000Z",
"dateReserved": "2011-03-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:14:27.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1157 (GCVE-0-2011-1157)
Vulnerability from cvelistv5 – Published: 2011-04-11 18:00 – Updated: 2024-08-06 22:14
VLAI
Summary
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://openwall.com/lists/oss-security/2011/03/14/18 | mailing-listx_refsource_MLIST |
| https://code.google.com/p/feedparser/issues/detai… | x_refsource_CONFIRM |
| http://secunia.com/advisories/43730 | third-party-advisoryx_refsource_SECUNIA |
| http://support.novell.com/security/cve/CVE-2011-1… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/46867 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=684877 | x_refsource_CONFIRM |
| http://secunia.com/advisories/44074 | third-party-advisoryx_refsource_SECUNIA |
| http://openwall.com/lists/oss-security/2011/03/15/11 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-updates/2011-0… | mailing-listx_refsource_MLIST |
| https://bugzilla.novell.com/show_bug.cgi?id=680074 | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
Date Public
2011-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:28.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=254"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1157.html"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-04-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=254"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1157.html"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1157",
"datePublished": "2011-04-11T18:00:00.000Z",
"dateReserved": "2011-03-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:14:28.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5065 (GCVE-0-2009-5065)
Vulnerability from cvelistv5 – Published: 2011-04-11 18:00 – Updated: 2024-08-07 07:24
VLAI
Summary
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/47177 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=684877 | x_refsource_CONFIRM |
| http://secunia.com/advisories/44074 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.opensuse.org/opensuse-updates/2011-0… | mailing-listx_refsource_MLIST |
| https://bugzilla.novell.com/show_bug.cgi?id=680074 | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://code.google.com/p/feedparser/issues/detail… | x_refsource_CONFIRM |
| http://support.novell.com/security/cve/CVE-2009-5… | x_refsource_CONFIRM |
Date Public
2009-11-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.017Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "47177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/feedparser/issues/detail?id=195"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2009-5065.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-23T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "47177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/feedparser/issues/detail?id=195"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2009-5065.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5065",
"datePublished": "2011-04-11T18:00:00.000Z",
"dateReserved": "2011-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:24:54.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1156 (GCVE-0-2011-1156)
Vulnerability from cvelistv5 – Published: 2011-04-11 18:00 – Updated: 2024-08-06 22:14
VLAI
Summary
feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service (application crash) via a malformed DOCTYPE declaration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://openwall.com/lists/oss-security/2011/03/14/18 | mailing-listx_refsource_MLIST |
| http://support.novell.com/security/cve/CVE-2011-1… | x_refsource_CONFIRM |
| http://secunia.com/advisories/43730 | third-party-advisoryx_refsource_SECUNIA |
| https://code.google.com/p/feedparser/issues/detai… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/46867 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=684877 | x_refsource_CONFIRM |
| http://secunia.com/advisories/44074 | third-party-advisoryx_refsource_SECUNIA |
| http://openwall.com/lists/oss-security/2011/03/15/11 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-updates/2011-0… | mailing-listx_refsource_MLIST |
| https://bugzilla.novell.com/show_bug.cgi?id=680074 | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
Date Public
2011-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1156.html"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=91"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service (application crash) via a malformed DOCTYPE declaration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-04-21T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110314 CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2011-1156.html"
},
{
"name": "43730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/feedparser/issues/detail?id=91"
},
{
"name": "46867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=684877"
},
{
"name": "44074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44074"
},
{
"name": "[oss-security] 20110315 Re: CVE request for python-feedparser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/11"
},
{
"name": "[opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=680074"
},
{
"name": "MDVSA-2011:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:082"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1156",
"datePublished": "2011-04-11T18:00:00.000Z",
"dateReserved": "2011-03-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:14:27.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}