ALAS2-2021-1666



Amazon Linux 2 Security Advisory: ALAS-2021-1666
Advisory Release Date: 2021-06-16 20:37 Pacific
Advisory Updated Date: 2021-06-22 22:40 Pacific
Severity: Medium
References: CVE-2020-27783 

Issue Overview:

A Cross-site Scripting (XSS) vulnerability was found in python-lxml's clean module. The module's parser did not properly imitate browsers, causing different behaviors between the sanitizer and the user's page. This flaw allows a remote attacker to run arbitrary HTML/JS code. The highest threat from this vulnerability is to confidentiality and integrity. (CVE-2020-27783)


Affected Packages:

python-lxml


Issue Correction:
Run yum update python-lxml to update your system.

New Packages:
aarch64:
    python-lxml-3.2.1-4.amzn2.0.3.aarch64
    python-lxml-debuginfo-3.2.1-4.amzn2.0.3.aarch64

i686:
    python-lxml-3.2.1-4.amzn2.0.3.i686
    python-lxml-debuginfo-3.2.1-4.amzn2.0.3.i686

noarch:
    python-lxml-docs-3.2.1-4.amzn2.0.3.noarch

src:
    python-lxml-3.2.1-4.amzn2.0.3.src

x86_64:
    python-lxml-3.2.1-4.amzn2.0.3.x86_64
    python-lxml-debuginfo-3.2.1-4.amzn2.0.3.x86_64
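
To confirm that a host has actually picked up the corrected build after the update, the installed version and release can be compared against the 3.2.1-4.amzn2.0.3 build listed above. The following is an added example, not part of the advisory; the function names are hypothetical, and it assumes the package carries no epoch and uses no tilde or caret version modifiers.

```python
import re
import subprocess

# Fixed build taken from the advisory's "New Packages" list.
FIXED_VERSION, FIXED_RELEASE = "3.2.1", "4.amzn2.0.3"

def rpmvercmp(a, b):
    """Compare two RPM version or release strings; returns -1, 0 or 1.
    Follows RPM's segment ordering (runs of digits or letters, separators
    ignored). Tilde and caret modifiers are not handled (assumption)."""
    seg_a = re.findall(r"[0-9]+|[A-Za-z]+", a)
    seg_b = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() != y.isdigit():
            # A numeric segment always sorts newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    # Shared segments are equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))

def is_patched(version, release):
    """True when version-release is at or above the advisory's fixed build."""
    result = rpmvercmp(version, FIXED_VERSION)
    if result == 0:
        result = rpmvercmp(release, FIXED_RELEASE)
    return result >= 0

def installed_builds(package="python-lxml"):
    """Return [(version, release), ...] from the local RPM database.
    The list is empty when rpm is unavailable or the package is absent."""
    cmd = ["rpm", "-q", "--queryformat", "%{VERSION} %{RELEASE}\n", package]
    try:
        out = subprocess.run(cmd, capture_output=True, text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        return []
    return [tuple(line.split()) for line in out.splitlines() if line.strip()]

if __name__ == "__main__":
    builds = installed_builds()
    if not builds:
        print("python-lxml is not installed (or rpm is unavailable)")
    for version, release in builds:
        state = "patched" if is_patched(version, release) else "VULNERABLE"
        print(f"python-lxml-{version}-{release}: {state}")
```

On hosts with both the i686 and x86_64 packages installed, each build is reported on its own line.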