Vulnerability Bulletins |
DSA-2941 lxml - security update |
|
System information |
|
Affected software | Debian |
Description |
|
It was discovered that clean_html() function of lxml (pythonic bindingsfor the libxml2 and libxslt libraries) performed insufficientsanitisation for some non-printable characters. This could lead tocross-site scripting. More info: https://www.debian.org/security/2014/dsa-2941 |
|
Standar resources |
|
Property | Value |
CVE | CVE-2014-3146 and DSA-2941. |
Version history |
||
Version | Comments | Date |
1.0 | Advisory issued | 2014-06-04 |