lxml 'clean_html' Function Security Bypass Vulnerability

Bugtraq ID: 67159
Class: Input Validation Error
CVE: CVE-2014-3146
Remote: Yes
Local: No
Published: Apr 15 2014 12:00AM
Updated: Apr 13 2015 09:37PM
Credit: Maksim Kochkin
Vulnerable: Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 13.10
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Stefen Behnel lxml 3.3.4
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Stefen Behnel lxml 3.3.5


 

Privacy Statement
Copyright 2010, SecurityFocus