rpm package
opensuse/python-lxml_html_clean&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/python-lxml_html_clean&distro=openSUSE%20Leap%2016.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-28350 | — | < 0.4.2-bp160.2.1 | 0.4.2-bp160.2.1 | Mar 5, 2026 | lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While page_structure=True removes html, head, and title tags, there is no specific handling for < | ||
| CVE-2026-28348 | — | < 0.4.2-bp160.2.1 | 0.4.2-bp160.2.1 | Mar 5, 2026 | lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.4, the _has_sneaky_javascript() method strips backslashes before checking for dangerous CSS keywords. This causes CSS Unicode escape sequences to bypass the @import |
- CVE-2026-28350Mar 5, 2026affected < 0.4.2-bp160.2.1fixed 0.4.2-bp160.2.1
lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While page_structure=True removes html, head, and title tags, there is no specific handling for <
- CVE-2026-28348Mar 5, 2026affected < 0.4.2-bp160.2.1fixed 0.4.2-bp160.2.1
lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.4, the _has_sneaky_javascript() method strips backslashes before checking for dangerous CSS keywords. This causes CSS Unicode escape sequences to bypass the @import