Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Mageia: 2021-0595 Moderate: Python-lxml HTML Cleaner Risk Fix

mageia
Calendar Grey December 30, 2021
Dist Mageia Esm H88
Revised python-lxml libraries address security vulnerabilities. Mageia 8 encountered threats from malicious scripts through HTML Cleaner.
HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) References: - https://bugs.mageia.org/show_bug.cgi?id=29817

Summary

HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818)

References

- https://bugs.mageia.org/show_bug.cgi?id=29817

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/

- https://www.cve.org/CVERecord?id=CVE-2021-43818

Topics%20covered

Topics Covered

security advisory security issue fixed update script injection Mageia python-lxml HTML Cleaner

Resolution

SRPMS

- 8/core/python-lxml-4.6.5-1.mga8

Publication date: 30 Dec 2021
URL: https://advisories.mageia.org/MGASA-2021-0595.html
Type: security
CVE: CVE-2021-43818

Topics%20covered

Topics Covered

security advisory security issue fixed update script injection Mageia python-lxml HTML Cleaner

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here