Vulnerabilities > Lxml

DATE CVE VULNERABILITY TITLE RISK
2022-07-05 CVE-2022-2309 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Dereference allows attackers to cause a denial of service (or application crash).
network
low complexity
lxml fedoraproject CWE-476
7.5
2021-12-13 CVE-2021-43818 Injection vulnerability in multiple products
lxml is a library for processing XML and HTML in the Python language.
network
low complexity
lxml fedoraproject debian netapp oracle CWE-74
7.1
2021-03-21 CVE-2021-28957 Cross-site Scripting vulnerability in multiple products
An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3.
network
low complexity
lxml debian fedoraproject netapp oracle CWE-79
6.1
2020-12-03 CVE-2020-27783 Cross-site Scripting vulnerability in multiple products
A XSS vulnerability was discovered in python-lxml's clean module.
6.1
2018-12-02 CVE-2018-19787 Cross-site Scripting vulnerability in multiple products
An issue was discovered in lxml before 4.2.5.
4.3
2014-05-14 CVE-2014-3146 Unspecified vulnerability in Lxml
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
network
lxml
4.3