- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2467-1                [email protected]
https://www.debian.org/lts/security/                          Abhijith PA
November 26, 2020                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : lxml
Version        : 3.7.1-1+deb9u1
CVE ID         : CVE-2018-19787 CVE-2020-27783


CVE-2018-19787

    It was discovered that there was a XSS injection vulnerability in
    the LXML HTML/XSS manipulation library for Python.

CVE-2020-27783

    javascript escaping through the