282 results (0.007 seconds)

CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0

lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as `<svg>`, `<math>` and `<noscript>`. This behavior deviates from how web browsers parse and interpret such tags. Specifically, content in CSS comments is ignored by lxml_html_clean but may be interpreted differently by web browsers, enabling malicious scripts to bypass the cleaning process. This vulnerability could lead to Cross-Site Scripting (XSS) attacks, compromising the security of users relying on lxml_html_clean in default configuration for sanitizing untrusted HTML content. • https://github.com/fedora-python/lxml_html_clean/commit/c5d816f86eb3707d72a8ecf5f3823e0daa1b3808 https://github.com/fedora-python/lxml_html_clean/pull/19 https://github.com/fedora-python/lxml_html_clean/security/advisories/GHSA-5jfw-gq64-q45f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-83: Improper Neutralization of Script in Attributes in a Web Page CWE-184: Incomplete List of Disallowed Inputs •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser. • https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5 https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550 https://github.com/python/cpython/issues/103848 https://github.com/python/cpython/pull/103849 https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. • https://github.com/python/cpython/issues/124651 https://github.com/python/cpython/pull/124712 https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483 https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7 https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8 https://github.com/python/cp • CWE-428: Unquoted Search Path or Element •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. A regular expression denial of service (ReDos) vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive. • https://github.com/python/cpython/commit/4eaf4891c12589e3c7bdad5f5b076e4c8392dd06 https://github.com/python/cpython/commit/743acbe872485dc18df4d8ab2dc7895187f062c4 https://github.com/python/cpython/commit/d449caf8a179e3b954268b3a88eb9170be3c8fbf https://github.com/python/cpython/commit/ed3a49ea734ada357ff4442996fd4ae71d253373 https://github.com/python/cpython/issues/121285 https://github.com/python/cpython/pull/121286 https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY https://github.com/python/cp • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. A flaw was found in Python's zipfile module. • https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU https://github.com/python/cpython/pull/122906 https://github.com/python/cpython/issues/122905 https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64 https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db https://github.com/python/cp • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •