python-lxml (SUSE:Linux Enterprise Server 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP5 package python-lxml, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2021-43818 — CVSS 8.2 (high): lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain…
CVE-2018-19787 — CVSS 6.1 (medium): An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use…
CVE-2020-27783 — CVSS 6.1 (medium): A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused…
CVE-2021-28957 — CVSS 6.1 (medium): An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms…