Vulnerabilities in lxml

3 results

CVE-2021-43818HIGHHTML Cleaner allows crafted and SVG embedded scripts to pass throughEPSS 2.5%CVE-2022-2309MEDIUMNULL Pointer Dereference in lxml/lxmlEPSS 2.0%CVE-2026-41066HIGHlxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local filesEPSS 0.3%