Vulnerabilites related to lxml - lxml
Vulnerability from fkie_nvd
Published
2021-12-13 18:15
Modified
2024-11-21 06:29
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Summary
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lxml | lxml | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| netapp | solidfire | - | |
| netapp | solidfire_enterprise_sds | - | |
| netapp | hci_storage_node_firmware | - | |
| netapp | hci_storage_node | - | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 | |
| oracle | http_server | 12.2.1.3.0 | |
| oracle | http_server | 12.2.1.4.0 | |
| oracle | zfs_storage_appliance_kit | 8.8 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*", matchCriteriaId: "DEE4409E-D026-41BB-B57D-65DCE636B964", versionEndExcluding: "4.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire_enterprise_sds:-:*:*:*:*:*:*:*", matchCriteriaId: "5D18075A-E8D6-48B8-A7FA-54E336A434A2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:hci_storage_node_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4BC4299D-05D3-4875-BC79-C3DC02C88ECE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*", matchCriteriaId: "02DEB4FB-A21D-4CB1-B522-EEE5093E8521", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*", matchCriteriaId: "6EDB6772-7FDB-45FF-8D72-952902A7EE56", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*", matchCriteriaId: "9955F62A-75D3-4347-9AD3-5947FC365838", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*", matchCriteriaId: "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "AD04BEE5-E9A8-4584-A68C-0195CE9C402C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.", }, { lang: "es", value: "lxml es una biblioteca para procesar XML y HTML en el lenguaje Python. En versiones anteriores a 4.6.5, el limpiador de HTML en lxml.html dejaba pasar determinado contenido de scripts manipulados, así como contenido de scripts en archivos SVG insertados usando URIs de datos. Los usuarios que empleen el limpiador de HTML en un contexto relevante para la seguridad deben actualizar a lxml versión 4.6.5 para recibir un parche. No se presentan soluciones conocidas disponibles", }, ], id: "CVE-2021-43818", lastModified: "2024-11-21T06:29:51.497", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-13T18:15:08.387", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-06", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220107-0005/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5043", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220107-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-21 05:15
Modified
2024-11-21 06:00
Severity ?
Summary
An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lxml | lxml | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| netapp | snapcenter | - | |
| oracle | zfs_storage_appliance_kit | 8.8 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*", matchCriteriaId: "2BADE2D9-D321-4DB0-839C-EB11673439DD", versionEndExcluding: "4.6.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.", }, { lang: "es", value: "Se ha descubierto una vulnerabilidad XSS en las versiones del módulo clean de python-lxml anteriores a la versión 4.6.3. Al desactivar los argumentos safe_attrs_only y forms, la clase Cleaner no elimina el atributo formaction, lo que permite que JS eluda el sanitizador. Un atacante remoto podría aprovechar este fallo para ejecutar código JS arbitrario en usuarios que interactúen con HTML incorrectamente saneado. Este problema está parcheado en lxml versión 4.6.3", }, ], id: "CVE-2021-28957", lastModified: "2024-11-21T06:00:26.497", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-21T05:15:13.367", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.launchpad.net/lxml/+bug/1888153", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-06", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210521-0004/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4880", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.launchpad.net/lxml/+bug/1888153", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210521-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4880", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-02 10:29
Modified
2024-11-21 03:58
Severity ?
Summary
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109 | Patch, Vendor Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/12/msg00001.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html | ||
| cve@mitre.org | https://usn.ubuntu.com/3841-1/ | Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3841-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/12/msg00001.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3841-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3841-2/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lxml | lxml | * | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*", matchCriteriaId: "DC9A7F85-D5B8-406B-9B3D-DF7C5EE90407", versionEndExcluding: "4.2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by \"j a v a s c r i p t:\" in Internet Explorer. This is a similar issue to CVE-2014-3146.", }, { lang: "es", value: "Se ha descubierto un problema en lxml en versiones anteriores a la 4.2.5. lxml/html/clean.py en el módulo lxml.html.clean no elimina las URL javascript: que utilizan escapado, permitiendo que un atacante remoto realice ataques Cross-Site Scripting (XSS), tal y como queda demostrado con \"j a v a s c r i p t:\" en Internet Explorer. Este es un problema aparte, pero similar a CVE-2014-3146.", }, ], id: "CVE-2018-19787", lastModified: "2024-11-21T03:58:33.303", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-02T10:29:00.227", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/12/msg00001.html", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3841-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3841-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/12/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3841-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3841-2/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-05-14 19:55
Modified
2024-11-21 02:07
Severity ?
Summary
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*", matchCriteriaId: "FAAC1D54-E4B7-4212-A281-9AE313C7A9DC", versionEndIncluding: "3.3.4", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:0.5:*:*:*:*:*:*:*", matchCriteriaId: "299444A8-4017-4358-9B35-0A9C475E5FB2", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:0.5.1:*:*:*:*:*:*:*", matchCriteriaId: "C48BCC21-D20B-4390-870D-C88C9863D46B", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:0.6:*:*:*:*:*:*:*", matchCriteriaId: "779553CC-B269-479D-8885-1251541AC8B3", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:0.7:*:*:*:*:*:*:*", matchCriteriaId: "F73BEB9C-4F4F-4F63-81FF-0B65D6068DA4", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:0.8:*:*:*:*:*:*:*", matchCriteriaId: "39876055-AAFD-4584-872E-044C111417B1", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:0.9:*:*:*:*:*:*:*", matchCriteriaId: "25FD79CE-8C7C-4994-80D6-CA1E98C062EC", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:0.9.1:*:*:*:*:*:*:*", matchCriteriaId: "C641DEEC-643D-48AA-A2BC-3066CD02D072", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:0.9.2:*:*:*:*:*:*:*", matchCriteriaId: "C29C1834-7ADB-4444-B892-083CCA6FD0EA", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.0:*:*:*:*:*:*:*", matchCriteriaId: "08F26EDB-5E1C-453A-8332-6DF4FD0627F2", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "24F0DD2C-2836-4477-849A-F154C0BF37D6", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "4FD4F21D-D09A-488A-A457-2BB5589B6B31", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "B9DFE602-6616-4369-9CA7-5C35FA80A4B1", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EB0F6513-1D7F-48D8-820C-F78A7935BE8A", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.1:*:*:*:*:*:*:*", matchCriteriaId: "6F36E5C1-7DF3-4692-8FEE-F1007E57399B", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4551FDBD-8975-4399-BD00-02EC03AD0CC5", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "F067084A-72E9-4D45-8EB9-534F718FD11C", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.2:*:*:*:*:*:*:*", matchCriteriaId: "54021062-86DC-4B28-AD87-963F0C415798", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "2B01E478-3B3A-4B05-AEDC-6A404DB7803A", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.3:*:*:*:*:*:*:*", matchCriteriaId: "20751814-185B-489F-AD35-239EA168D293", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "CB0286DD-FDA3-4B31-B579-6FD68BF88B87", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "1B56F992-FEE5-4EB0-BB5D-B55BC2A5CDCB", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "CFEEE806-93A1-4683-9524-66B969E96D9C", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "21DC60E8-18F6-414F-81A0-37EAEF9D73A9", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "6B693FE5-0F4F-441C-8D6D-B2B0C00F4784", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:1.3.6:*:*:*:*:*:*:*", matchCriteriaId: "3319AB13-F589-44CA-8936-3A4D23C3C8E7", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0:*:*:*:*:*:*:*", matchCriteriaId: "DCC3B496-51EE-41E0-B785-E9E4FA530116", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "041CED1D-1D91-4BAC-8182-BE5870ADFEB7", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0F93A757-1B1A-4E69-89FD-B738F80C560D", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.3:*:*:*:*:*:*:*", matchCriteriaId: "2E58E8C6-6979-4256-947C-887D7E3F611A", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.4:*:*:*:*:*:*:*", matchCriteriaId: "06AC5F6D-F72C-4D30-997D-0202D9CACA49", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "C2AFA1D4-265D-4B72-B6A0-9F31F4612C33", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.6:*:*:*:*:*:*:*", matchCriteriaId: "0A216360-8892-4118-96DE-77EB7D17CA51", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "8A3513EB-8A8F-43AE-B079-AA5E27569CDB", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "4EDD3E4E-A3C0-4686-BD91-9B58CBC74DAB", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "BDDCFAEE-9C4B-4610-81A5-A5AD4420D579", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.10:*:*:*:*:*:*:*", matchCriteriaId: "88206B3E-503D-4C9C-85A2-8E1FB720E962", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.0.11:*:*:*:*:*:*:*", matchCriteriaId: "AA9D682D-CF6B-43FB-A29D-50BC54FB3E99", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.1:alpha1:*:*:*:*:*:*", matchCriteriaId: "925AF6FD-EB7C-48EA-8747-5066103C58A8", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.1:beta1:*:*:*:*:*:*", matchCriteriaId: "940C521B-EF4D-4A90-B1E1-E52C9793D645", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.1:beta2:*:*:*:*:*:*", matchCriteriaId: "F3AB9E27-9017-4207-A66E-199CFD9EE4B8", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.1:beta3:*:*:*:*:*:*", matchCriteriaId: "8900D734-E782-4759-A4DD-D577A462042C", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5C66C8E1-EE4E-4462-8844-15995FD1FB93", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.1.2:*:*:*:*:*:*:*", matchCriteriaId: "E9747A1D-D644-442B-B2AE-C8D962B187E4", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.1.3:*:*:*:*:*:*:*", matchCriteriaId: "777CB9D2-EACF-4F1A-B533-BFED0B27D214", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.1.4:*:*:*:*:*:*:*", matchCriteriaId: "58001941-9E40-45D7-9892-C79B7A8F3720", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2:-:*:*:*:*:*:*", matchCriteriaId: "4C7FE4FA-6C7C-4A3C-B2EE-C6B70C8A3F48", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2:alpha1:*:*:*:*:*:*", matchCriteriaId: "F7E1DFA9-CC7B-4E9F-A2E4-0FE8DF536101", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2:beta1:*:*:*:*:*:*", matchCriteriaId: "B40A7ED8-0D71-430E-BCF1-640D816C0230", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2:beta2:*:*:*:*:*:*", matchCriteriaId: "8790354C-5A4B-4CD3-ACB1-FE5AA0900281", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2:beta3:*:*:*:*:*:*", matchCriteriaId: "E1B6857F-0990-4083-9876-5DDF5FA473B0", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2:beta4:*:*:*:*:*:*", matchCriteriaId: "049C39E8-4804-4048-9999-A1EAFD5B910B", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "C51525BB-5967-4C7F-9188-5E3895B3A2CB", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2.2:*:*:*:*:*:*:*", matchCriteriaId: "A9DC336F-02E7-4E1C-A8EA-21DEE84A52F2", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2.3:*:*:*:*:*:*:*", matchCriteriaId: "CD4FB16F-6BFA-4D2A-8D48-1A01154C3F85", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "00400181-FA11-49CE-B932-4F21A8278D81", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2.5:*:*:*:*:*:*:*", matchCriteriaId: "6392F721-9F0D-4BBC-B392-A9C6F14F7F17", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2.6:*:*:*:*:*:*:*", matchCriteriaId: "95F6166A-3856-451D-AFAA-56C5D09752D1", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2.7:*:*:*:*:*:*:*", matchCriteriaId: "DE0D09BB-8796-40F1-8599-107B9C775C12", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.2.8:*:*:*:*:*:*:*", matchCriteriaId: "7550F3D6-4FCC-4AD5-A92D-D984A6824AB4", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3:-:*:*:*:*:*:*", matchCriteriaId: "30EAB48D-A728-46FB-92B3-0B97CF85E72B", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3:alpha1:*:*:*:*:*:*", matchCriteriaId: "127C133B-5022-46FB-9D6F-05FB2E83CA87", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3:alpha2:*:*:*:*:*:*", matchCriteriaId: "D3E49A50-3861-4265-BB2B-ABEA50C6DE7E", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3:beta1:*:*:*:*:*:*", matchCriteriaId: "D72B1891-2E24-4DA7-B243-80306866F934", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3.1:*:*:*:*:*:*:*", matchCriteriaId: "FDB6BCDC-7207-4895-8746-E40DDD1D5585", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3.2:*:*:*:*:*:*:*", matchCriteriaId: "1F0D4EB6-5ED8-4018-A1FE-9BEB6D511830", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3.3:*:*:*:*:*:*:*", matchCriteriaId: "627C0FA1-7425-4E6B-92C5-652D4F62ECAD", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3.4:*:*:*:*:*:*:*", matchCriteriaId: "70059F02-B63D-4583-8AD4-769BA648317F", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3.5:*:*:*:*:*:*:*", matchCriteriaId: "BC4FCBFB-632A-451E-8A17-C4A8F8A65AAF", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:2.3.6:*:*:*:*:*:*:*", matchCriteriaId: "8763BB95-EBF9-40A1-908C-4207D87FE578", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.0:-:*:*:*:*:*:*", matchCriteriaId: "BC015741-8F99-4F3D-B3F6-07BF23A70DC0", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "D1A35DEE-2561-4B4A-BFE0-C443C70175BA", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6FBFD00B-5821-400E-A83C-FB0D1C26A4DE", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.0:beta1:*:*:*:*:*:*", matchCriteriaId: "9AB7BA95-5BEC-4AC6-8F93-5D918D1B31D0", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "FDAEFE73-F873-4F48-A274-F6CCB40766DA", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.0.2:*:*:*:*:*:*:*", matchCriteriaId: "1ED8D046-5701-4AD4-BFA6-D186AA596B26", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.1:beta1:*:*:*:*:*:*", matchCriteriaId: "685D86D0-4A37-4B9B-BD70-C1127EA51907", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9B72ABBA-9319-4BFE-8F3B-F6F36F64EB12", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F2684097-3082-4612-8E1B-5CA6D2E20E3E", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.1.2:*:*:*:*:*:*:*", matchCriteriaId: "7981486F-129D-433B-A489-0AB90A2062E5", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "45C3BB16-3D44-43E8-AEF5-3454495F0CC0", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "CD521388-6E28-427E-9086-79BCEDB1025F", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.2.2:*:*:*:*:*:*:*", matchCriteriaId: "6BFA21DA-4807-496D-B63A-F95E6E9F39FF", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.2.3:*:*:*:*:*:*:*", matchCriteriaId: "87B742D1-4838-4D48-A17A-386E0CF517B1", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.2.4:*:*:*:*:*:*:*", matchCriteriaId: "B1191E15-DC8D-4D2B-8563-10DFFF60CD51", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.2.5:*:*:*:*:*:*:*", matchCriteriaId: "6BA34CA6-7309-490C-8DB7-7F051F9C3CDE", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.0:-:*:*:*:*:*:*", matchCriteriaId: "E58C7CFD-0135-4D59-8D9D-A12A7BACF387", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.0:beta1:*:*:*:*:*:*", matchCriteriaId: "5FE30C26-028B-41A1-842C-1AF19E551F54", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.0:beta2:*:*:*:*:*:*", matchCriteriaId: "188EA215-8ACA-482F-9283-6780E29B5F4E", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.0:beta3:*:*:*:*:*:*", matchCriteriaId: "738B75AC-0AFC-4108-88A1-80EC6D03FBD6", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.0:beta4:*:*:*:*:*:*", matchCriteriaId: "99226ADA-A62E-4366-BDD1-1D33BDCA813F", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.0:beta5:*:*:*:*:*:*", matchCriteriaId: "2F1E30E8-484C-4925-9B6F-DD266AC602B7", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "02E0191B-661F-4C60-AC7F-68B95E730013", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "7922BC86-D318-404B-A39B-8AC9B1AF70BF", vulnerable: true, }, { criteria: "cpe:2.3:a:lxml:lxml:3.3.3:*:*:*:*:*:*:*", matchCriteriaId: "26BFDC2C-CAFE-4301-903F-31713885EB94", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.", }, { lang: "es", value: "Vulnerabilidad de lista negra incompleta en el módulo lxml.html.clean en lxml anterior a 3.3.5 permite a atacantes remotos realizar ataques de XSS a través de caracteres de control en la esquema de enlace hacia la función clean_html.", }, ], evaluatorComment: "Per: http://cwe.mitre.org/data/definitions/184.html\n\n\"CWE-184: Incomplete Blacklist\"", id: "CVE-2014-3146", lastModified: "2024-11-21T02:07:32.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2014-05-14T19:55:11.653", references: [ { source: "secalert@redhat.com", url: "http://advisories.mageia.org/MGASA-2014-0218.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00083.html", }, { source: "secalert@redhat.com", url: "http://lxml.de/3.3/changes-3.3.5.html", }, { source: "secalert@redhat.com", url: "http://seclists.org/fulldisclosure/2014/Apr/210", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://seclists.org/fulldisclosure/2014/Apr/319", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/58013", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/58744", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59008", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2014/dsa-2941", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:112", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2014/05/09/7", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/67159", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2217-1", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://mailman-mail5.webfaction.com/pipermail/lxml/2014-April/007128.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://advisories.mageia.org/MGASA-2014-0218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lxml.de/3.3/changes-3.3.5.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2014/Apr/210", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://seclists.org/fulldisclosure/2014/Apr/319", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/58013", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/58744", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59008", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-2941", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2014/05/09/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/67159", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2217-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://mailman-mail5.webfaction.com/pipermail/lxml/2014-April/007128.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-03 17:15
Modified
2024-11-21 05:21
Severity ?
Summary
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lxml | lxml | * | |
| redhat | software_collections | - | |
| redhat | enterprise_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| netapp | snapcenter | - | |
| oracle | communications_offline_mediation_controller | 12.0.0.3.0 | |
| oracle | zfs_storage_appliance_kit | 8.8 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*", matchCriteriaId: "E38D76A8-089A-4CE3-93FA-97F5E30D9C18", versionEndExcluding: "4.6.2", versionStartIncluding: "1.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", matchCriteriaId: "749804DA-4B27-492A-9ABA-6BB562A6B3AC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "49ACFC73-A509-4D1C-8FC3-F68F495AB055", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.", }, { lang: "es", value: "Se detectó una vulnerabilidad de tipo XSS en el módulo de limpieza de python-lxml. El analizador del módulo no imitaba apropiadamente los navegadores, lo que causaba comportamientos diferentes entre el sanitizador y la página del usuario. Un atacante remoto podría explotar este fallo para ejecutar código HTML/JS arbitrario", }, ], id: "CVE-2020-27783", lastModified: "2024-11-21T05:21:49.663", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-03T17:15:13.177", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://advisory.checkmarx.net/advisory/CX-2020-4286", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901633", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210521-0003/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4810", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://advisory.checkmarx.net/advisory/CX-2020-4286", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210521-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4810", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-05 10:15
Modified
2024-11-21 07:00
Severity ?
Summary
NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lxml | lxml | * | |
| xmlsoft | libxml2 | * | |
| fedoraproject | fedora | 36 | |
| fedoraproject | fedora | 37 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*", matchCriteriaId: "738BCE63-2B47-4CFA-9915-C3DE1A3AA9A9", versionEndExcluding: "4.9.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "E1774300-F6CA-43CA-A6FD-6A302814FB5D", versionEndIncluding: "2.9.14", versionStartIncluding: "2.9.10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.", }, { lang: "es", value: "Una desreferencia de puntero NULL permite a atacantes causar una denegación de servicio (o bloqueo de la aplicación). Esto solo se aplica cuando lxml se usa junto con libxml2 versiones 2.9.10 hasta 2.9.14. libxml2 versiones 2.9.9 y anteriores no están afectados. Permite desencadenar bloqueos por medio de datos de entrada falsificados, dada una secuencia de código vulnerable en la aplicación. La vulnerabilidad es causada por la función iterwalk (también utilizada por la función canonicalize). Dicho código no debería tener un uso generalizado, dado que parsing + iterwalk generalmente se reemplazaría con la función iterparse más eficiente. Sin embargo, un convertidor XML que serializa a C14N también sería vulnerable, por ejemplo, y existen casos de uso legítimos para esta secuencia de código. Si se recibe una entrada que no es de confianza (también de forma remota) y se procesa por medio de la función iterwalk, se puede desencadenar un bloqueo", }, ], id: "CVE-2022-2309", lastModified: "2024-11-21T07:00:44.473", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-05T10:15:08.763", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f", }, { source: "security@huntr.dev", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba", }, { source: "security@huntr.dev", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/", }, { source: "security@huntr.dev", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/", }, { source: "security@huntr.dev", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-06", }, { source: "security@huntr.dev", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220915-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220915-0006/", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "security@huntr.dev", type: "Primary", }, ], }
cve-2021-43818
Vulnerability from cvelistv5
Published
2021-12-13 18:05
Modified
2024-08-04 04:03
Severity ?
EPSS score ?
Summary
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:03:08.992Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0", }, { name: "FEDORA-2021-6e8fb79f90", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/", }, { name: "FEDORA-2021-9f9e7c5c4f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/", }, { name: "[debian-lts-announce] 20211230 [SECURITY] [DLA 2871-1] lxml security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html", }, { name: "DSA-5043", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5043", }, { name: "FEDORA-2022-96c79bf003", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/", }, { name: "FEDORA-2022-7129fbaeed", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220107-0005/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "GLSA-202208-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-06", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "lxml", vendor: "lxml", versions: [ { status: "affected", version: "< 4.6.5", }, ], }, ], descriptions: [ { lang: "en", value: "lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-74", description: "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T05:06:57", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0", }, { name: "FEDORA-2021-6e8fb79f90", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/", }, { name: "FEDORA-2021-9f9e7c5c4f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/", }, { name: "[debian-lts-announce] 20211230 [SECURITY] [DLA 2871-1] lxml security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html", }, { name: "DSA-5043", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5043", }, { name: "FEDORA-2022-96c79bf003", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/", }, { name: "FEDORA-2022-7129fbaeed", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220107-0005/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "GLSA-202208-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-06", }, ], source: { advisory: "GHSA-55x5-fj6c-h6m8", discovery: "UNKNOWN", }, title: "HTML Cleaner allows crafted and SVG embedded scripts to pass through", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-43818", STATE: "PUBLIC", TITLE: "HTML Cleaner allows crafted and SVG embedded scripts to pass through", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "lxml", version: { version_data: [ { version_value: "< 4.6.5", }, ], }, }, ], }, vendor_name: "lxml", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, ], }, { description: [ { lang: "eng", value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8", refsource: "CONFIRM", url: "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8", }, { name: "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a", refsource: "MISC", url: "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a", }, { name: "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776", refsource: "MISC", url: "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776", }, { name: "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0", refsource: "MISC", url: "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0", }, { name: "FEDORA-2021-6e8fb79f90", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/", }, { name: "FEDORA-2021-9f9e7c5c4f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/", }, { name: "[debian-lts-announce] 20211230 [SECURITY] [DLA 2871-1] lxml security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html", }, { name: "DSA-5043", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5043", }, { name: "FEDORA-2022-96c79bf003", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/", }, { name: "FEDORA-2022-7129fbaeed", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220107-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220107-0005/", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "GLSA-202208-06", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-06", }, ], }, source: { advisory: "GHSA-55x5-fj6c-h6m8", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-43818", datePublished: "2021-12-13T18:05:12", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-04T04:03:08.992Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28957
Vulnerability from cvelistv5
Published
2021-03-21 04:39
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.376Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.launchpad.net/lxml/+bug/1888153", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270", }, { name: "[debian-lts-announce] 20210324 [SECURITY] [DLA 2606-1] lxml security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html", }, { name: "DSA-4880", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4880", }, { name: "FEDORA-2021-28723f9670", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45/", }, { name: "FEDORA-2021-4cdb0f68c7", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210521-0004/", }, { name: "GLSA-202208-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-06", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T05:06:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.launchpad.net/lxml/+bug/1888153", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270", }, { name: "[debian-lts-announce] 20210324 [SECURITY] [DLA 2606-1] lxml security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html", }, { name: "DSA-4880", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4880", }, { name: "FEDORA-2021-28723f9670", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45/", }, { name: "FEDORA-2021-4cdb0f68c7", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210521-0004/", }, { name: "GLSA-202208-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-06", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-28957", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.launchpad.net/lxml/+bug/1888153", refsource: "MISC", url: "https://bugs.launchpad.net/lxml/+bug/1888153", }, { name: "https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270", refsource: "MISC", url: "https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270", }, { name: "[debian-lts-announce] 20210324 [SECURITY] [DLA 2606-1] lxml security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html", }, { name: "DSA-4880", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4880", }, { name: "FEDORA-2021-28723f9670", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45/", }, { name: "FEDORA-2021-4cdb0f68c7", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ/", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999", refsource: "MISC", url: "https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999", }, { name: "https://security.netapp.com/advisory/ntap-20210521-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210521-0004/", }, { name: "GLSA-202208-06", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-06", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-28957", datePublished: "2021-03-21T04:39:35", dateReserved: "2021-03-21T00:00:00", dateUpdated: "2024-08-03T21:55:12.376Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27783
Vulnerability from cvelistv5
Published
2020-12-03 16:39
Modified
2024-08-04 16:25
Severity ?
EPSS score ?
Summary
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1901633 | x_refsource_MISC | |
| https://www.debian.org/security/2020/dsa-4810 | vendor-advisory, x_refsource_DEBIAN | |
| https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html | mailing-list, x_refsource_MLIST | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/ | vendor-advisory, x_refsource_FEDORA | |
| https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
| https://advisory.checkmarx.net/advisory/CX-2020-4286 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210521-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | python-lxml |
Version: lxml-4.6.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:25:42.427Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901633", }, { name: "DSA-4810", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4810", }, { name: "[debian-lts-announce] 20201218 [SECURITY] [DLA 2467-2] lxml regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html", }, { name: "FEDORA-2020-0e055ea503", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/", }, { name: "FEDORA-2020-307946cfb6", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://advisory.checkmarx.net/advisory/CX-2020-4286", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210521-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "python-lxml", vendor: "n/a", versions: [ { status: "affected", version: "lxml-4.6.2", }, ], }, ], descriptions: [ { lang: "en", value: "A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-20T22:54:48", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901633", }, { name: "DSA-4810", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4810", }, { name: "[debian-lts-announce] 20201218 [SECURITY] [DLA 2467-2] lxml regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html", }, { name: "FEDORA-2020-0e055ea503", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/", }, { name: "FEDORA-2020-307946cfb6", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://advisory.checkmarx.net/advisory/CX-2020-4286", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210521-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-27783", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "python-lxml", version: { version_data: [ { version_value: "lxml-4.6.2", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1901633", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901633", }, { name: "DSA-4810", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4810", }, { name: "[debian-lts-announce] 20201218 [SECURITY] [DLA 2467-2] lxml regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html", }, { name: "FEDORA-2020-0e055ea503", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/", }, { name: "FEDORA-2020-307946cfb6", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/", }, { name: "https://www.oracle.com//security-alerts/cpujul2021.html", refsource: "MISC", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { name: "https://advisory.checkmarx.net/advisory/CX-2020-4286", refsource: "MISC", url: "https://advisory.checkmarx.net/advisory/CX-2020-4286", }, { name: "https://security.netapp.com/advisory/ntap-20210521-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210521-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-27783", datePublished: "2020-12-03T16:39:41", dateReserved: "2020-10-27T00:00:00", dateUpdated: "2024-08-04T16:25:42.427Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2309
Vulnerability from cvelistv5
Published
2022-07-05 09:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba | x_refsource_CONFIRM | |
| https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202208-06 | vendor-advisory, x_refsource_GENTOO | |
| https://security.netapp.com/advisory/ntap-20220915-0006/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:32:09.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f", }, { name: "GLSA-202208-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-06", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220915-0006/", }, { name: "FEDORA-2022-ed0eeb6a20", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/", }, { name: "FEDORA-2022-ed17f59c1d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "lxml/lxml", vendor: "lxml", versions: [ { lessThan: "4.9.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-24T01:06:09", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f", }, { name: "GLSA-202208-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-06", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220915-0006/", }, { name: "FEDORA-2022-ed0eeb6a20", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/", }, { name: "FEDORA-2022-ed17f59c1d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/", }, ], source: { advisory: "8264e74f-edda-4c40-9956-49de635105ba", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in lxml/lxml", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-2309", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in lxml/lxml", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "lxml/lxml", version: { version_data: [ { version_affected: "<", version_value: "4.9.1", }, ], }, }, ], }, vendor_name: "lxml", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba", refsource: "CONFIRM", url: "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba", }, { name: "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f", refsource: "MISC", url: "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f", }, { name: "GLSA-202208-06", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-06", }, { name: "https://security.netapp.com/advisory/ntap-20220915-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220915-0006/", }, { name: "FEDORA-2022-ed0eeb6a20", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/", }, { name: "FEDORA-2022-ed17f59c1d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/", }, ], }, source: { advisory: "8264e74f-edda-4c40-9956-49de635105ba", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-2309", datePublished: "2022-07-05T09:00:12", dateReserved: "2022-07-05T00:00:00", dateUpdated: "2024-08-03T00:32:09.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-3146
Vulnerability from cvelistv5
Published
2014-05-14 19:00
Modified
2024-08-06 10:35
Severity ?
EPSS score ?
Summary
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:35:56.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-2941", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2941", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://lxml.de/3.3/changes-3.3.5.html", }, { name: "[oss-security] 20140509 Re: CVE request: python-lxml clean_html() input sanitization flaw", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/05/09/7", }, { name: "USN-2217-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2217-1", }, { name: "[lxml] 20140415 lxml.html.clean vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://mailman-mail5.webfaction.com/pipermail/lxml/2014-April/007128.html", }, { name: "58744", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58744", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0218.html", }, { name: "67159", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/67159", }, { name: "MDVSA-2015:112", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:112", }, { name: "58013", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58013", }, { name: "20140415 lxml (python lib) vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Apr/210", }, { name: "59008", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59008", }, { name: "openSUSE-SU-2014:0735", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00083.html", }, { name: "20140430 Re: lxml (python lib) vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Apr/319", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-04-15T00:00:00", descriptions: [ { lang: "en", value: "Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-28T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "DSA-2941", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2941", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://lxml.de/3.3/changes-3.3.5.html", }, { name: "[oss-security] 20140509 Re: CVE request: python-lxml clean_html() input sanitization flaw", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/05/09/7", }, { name: "USN-2217-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2217-1", }, { name: "[lxml] 20140415 lxml.html.clean vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://mailman-mail5.webfaction.com/pipermail/lxml/2014-April/007128.html", }, { name: "58744", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58744", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0218.html", }, { name: "67159", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/67159", }, { name: "MDVSA-2015:112", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:112", }, { name: "58013", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58013", }, { name: "20140415 lxml (python lib) vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Apr/210", }, { name: "59008", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59008", }, { name: "openSUSE-SU-2014:0735", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-05/msg00083.html", }, { name: "20140430 Re: lxml (python lib) vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Apr/319", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3146", datePublished: "2014-05-14T19:00:00", dateReserved: "2014-05-02T00:00:00", dateUpdated: "2024-08-06T10:35:56.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-19787
Vulnerability from cvelistv5
Published
2018-12-02 10:00
Modified
2024-08-05 11:44
Severity ?
EPSS score ?
Summary
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3841-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2018/12/msg00001.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3841-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:44:20.323Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-3841-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3841-1/", }, { name: "[debian-lts-announce] 20181210 [SECURITY] [DLA 1604-1] lxml security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/12/msg00001.html", }, { name: "USN-3841-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3841-2/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109", }, { name: "[debian-lts-announce] 20201126 [SECURITY] [DLA 2467-1] lxml security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-12-02T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by \"j a v a s c r i p t:\" in Internet Explorer. This is a similar issue to CVE-2014-3146.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-11-26T20:06:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "USN-3841-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3841-1/", }, { name: "[debian-lts-announce] 20181210 [SECURITY] [DLA 1604-1] lxml security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/12/msg00001.html", }, { name: "USN-3841-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3841-2/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109", }, { name: "[debian-lts-announce] 20201126 [SECURITY] [DLA 2467-1] lxml security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-19787", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by \"j a v a s c r i p t:\" in Internet Explorer. This is a similar issue to CVE-2014-3146.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-3841-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3841-1/", }, { name: "[debian-lts-announce] 20181210 [SECURITY] [DLA 1604-1] lxml security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/12/msg00001.html", }, { name: "USN-3841-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3841-2/", }, { name: "https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109", refsource: "MISC", url: "https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109", }, { name: "[debian-lts-announce] 20201126 [SECURITY] [DLA 2467-1] lxml security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19787", datePublished: "2018-12-02T10:00:00", dateReserved: "2018-12-02T00:00:00", dateUpdated: "2024-08-05T11:44:20.323Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }