vulnerability
Oracle Linux: CVE-2020-27783: ELSA-2021-1879: python38:3.8 security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | 2020-10-18 | 2021-05-26 | 2025-01-08 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
2020-10-18
Added
2021-05-26
Modified
2025-01-08
Description
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
A Cross-site Scripting (XSS) vulnerability was found in the python-lxml's clean module. The module's parser did not properly imitate browsers, causing different behaviors between the sanitizer and the user's page. This flaw allows a remote attacker to run arbitrary HTML/JS code. The highest threat from this vulnerability is to confidentiality and integrity.
A Cross-site Scripting (XSS) vulnerability was found in the python-lxml's clean module. The module's parser did not properly imitate browsers, causing different behaviors between the sanitizer and the user's page. This flaw allows a remote attacker to run arbitrary HTML/JS code. The highest threat from this vulnerability is to confidentiality and integrity.
Solution(s)
oracle-linux-upgrade-babeloracle-linux-upgrade-ol-automation-manageroracle-linux-upgrade-ol-automation-manager-clioracle-linux-upgrade-python2oracle-linux-upgrade-python2-attrsoracle-linux-upgrade-python2-babeloracle-linux-upgrade-python2-backportsoracle-linux-upgrade-python2-backports-ssl-match-hostnameoracle-linux-upgrade-python2-bsonoracle-linux-upgrade-python2-chardetoracle-linux-upgrade-python2-coverageoracle-linux-upgrade-python2-cythonoracle-linux-upgrade-python2-debugoracle-linux-upgrade-python2-develoracle-linux-upgrade-python2-dnsoracle-linux-upgrade-python2-docsoracle-linux-upgrade-python2-docs-infooracle-linux-upgrade-python2-docutilsoracle-linux-upgrade-python2-funcsigsoracle-linux-upgrade-python2-idnaoracle-linux-upgrade-python2-ipaddressoracle-linux-upgrade-python2-jinja2oracle-linux-upgrade-python2-libsoracle-linux-upgrade-python2-lxmloracle-linux-upgrade-python2-markupsafeoracle-linux-upgrade-python2-mockoracle-linux-upgrade-python2-noseoracle-linux-upgrade-python2-numpyoracle-linux-upgrade-python2-numpy-docoracle-linux-upgrade-python2-numpy-f2pyoracle-linux-upgrade-python2-piporacle-linux-upgrade-python2-pip-wheeloracle-linux-upgrade-python2-pluggyoracle-linux-upgrade-python2-psycopg2oracle-linux-upgrade-python2-psycopg2-debugoracle-linux-upgrade-python2-psycopg2-testsoracle-linux-upgrade-python2-pyoracle-linux-upgrade-python2-pygmentsoracle-linux-upgrade-python2-pymongooracle-linux-upgrade-python2-pymongo-gridfsoracle-linux-upgrade-python2-pymysqloracle-linux-upgrade-python2-pysocksoracle-linux-upgrade-python2-pytestoracle-linux-upgrade-python2-pytest-mockoracle-linux-upgrade-python2-pytzoracle-linux-upgrade-python2-pyyamloracle-linux-upgrade-python2-requestsoracle-linux-upgrade-python2-rpm-macrosoracle-linux-upgrade-python2-scipyoracle-linux-upgrade-python2-setuptoolsoracle-linux-upgrade-python2-setuptools-scmoracle-linux-upgrade-python2-setuptools-wheeloracle-linux-upgrade-python2-sixoracle-linux-upgrade-python2-sqlalchemyoracle-linux-upgrade-python2-testoracle-linux-upgrade-python2-tkinteroracle-linux-upgrade-python2-toolsoracle-linux-upgrade-python2-urllib3oracle-linux-upgrade-python2-virtualenvoracle-linux-upgrade-python2-wheeloracle-linux-upgrade-python2-wheel-wheeloracle-linux-upgrade-python38oracle-linux-upgrade-python38-asn1cryptooracle-linux-upgrade-python38-babeloracle-linux-upgrade-python38-cffioracle-linux-upgrade-python38-chardetoracle-linux-upgrade-python38-cryptographyoracle-linux-upgrade-python38-cythonoracle-linux-upgrade-python38-debugoracle-linux-upgrade-python38-develoracle-linux-upgrade-python38-idleoracle-linux-upgrade-python38-idnaoracle-linux-upgrade-python38-jinja2oracle-linux-upgrade-python38-libsoracle-linux-upgrade-python38-lxmloracle-linux-upgrade-python38-markupsafeoracle-linux-upgrade-python38-mod-wsgioracle-linux-upgrade-python38-numpyoracle-linux-upgrade-python38-numpy-docoracle-linux-upgrade-python38-numpy-f2pyoracle-linux-upgrade-python38-piporacle-linux-upgrade-python38-pip-wheeloracle-linux-upgrade-python38-plyoracle-linux-upgrade-python38-psutiloracle-linux-upgrade-python38-psycopg2oracle-linux-upgrade-python38-psycopg2-docoracle-linux-upgrade-python38-psycopg2-testsoracle-linux-upgrade-python38-pycparseroracle-linux-upgrade-python38-pymysqloracle-linux-upgrade-python38-pysocksoracle-linux-upgrade-python38-pytzoracle-linux-upgrade-python38-pyyamloracle-linux-upgrade-python38-requestsoracle-linux-upgrade-python38-rpm-macrosoracle-linux-upgrade-python38-scipyoracle-linux-upgrade-python38-setuptoolsoracle-linux-upgrade-python38-setuptools-wheeloracle-linux-upgrade-python38-sixoracle-linux-upgrade-python38-testoracle-linux-upgrade-python38-tkinteroracle-linux-upgrade-python38-urllib3oracle-linux-upgrade-python38-wheeloracle-linux-upgrade-python38-wheel-wheeloracle-linux-upgrade-python3-lxmloracle-linux-upgrade-python3-olamkitoracle-linux-upgrade-python-nose-docsoracle-linux-upgrade-python-psycopg2-docoracle-linux-upgrade-python-sqlalchemy-doc
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.