Ubuntu Update For Lxml USN-2217-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that the lxml.html.clean module incorrectly stripped control characters. An attacked could potentially exploit this to conduct cross-site scripting (XSS) attacks.

Affected

lxml on Ubuntu 14.04 LTS , Ubuntu 13.10 , Ubuntu 12.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-May/002518.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3146

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for clamav USN-1258-1
Ubuntu Update for acpi-support USN-2297-1
Ubuntu Update for cups USN-2341-1
Ubuntu Update for compiz-fusion-plugins-main vulnerability USN-688-1
Ubuntu Update for cups USN-2144-1

Ubuntu Update for lxml USN-2217-1

Take action and discover your vulnerabilities