pkg:PyPI/lxml

All known vulnerabilities

• HIGH8.2CVE-2021-43818lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
  from 0, < f2330237440df7e8f39c3ad1b1aa8852be3b27c0, < 12fa9669007180a7bb87d990c375cf91ca5b664a | from 0, < a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c | from 0, < 4.6.5
• HIGH8.2CVE-2021-43818lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
  from 0, < 4.6.5
• HIGH7.5CVE-2026-41066lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files
  from 0, < 6.1.0
• HIGH7.5CVE-2026-41066lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files
  from 0, < 6.1.0
• MEDIUM6.1CVE-2014-3146lxml - security update
  from 0, < 3.3.5
• MEDIUM6.1CVE-2014-3146lxml - security update
  from 0, < 3.3.5
• MEDIUM6.1CVE-2018-19787lxml - security update
  from 0, < 4.2.5
• MEDIUM6.1CVE-2018-19787lxml - security update
  from 0, < 6be1d081b49c97cfd7b3fbd934a193b668629109 | from 0, < 4.2.5
• MEDIUM6.1CVE-2021-28957lxml - security update
  from 0, < a5f9cb52079dc57477c460dbe6ba0f775e14a999 | from 0, < 4.6.3
• MEDIUM6.1CVE-2021-28957lxml - security update
  from 0, < 4.6.3
• MEDIUM6.1CVE-2020-27783lxml vulnerable to Cross-site Scripting
  from 0, < 4.6.2
• MEDIUM6.1CVE-2020-27783lxml vulnerable to Cross-site Scripting
  >= 1.2, < 4.6.2
• MEDIUM5.3CVE-2022-2309lxml NULL Pointer Dereference allows attackers to cause a denial of service
  from 0, < 86368e9cf70a0ad23cccd5ee32de847149af0c6f | from 0, < 4.9.1
• MEDIUM5.3CVE-2022-2309lxml NULL Pointer Dereference allows attackers to cause a denial of service
  from 0, < 4.9.1