INFSA-2022:8226: python-lxml security update
Information about definition
Identificator: INFSA-2022:8226
Type: security
Release date: 2025-03-05 17:55:39 UTC
Information about package
lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API.
Vulnerabilities description
- CVE-2022-2309
A NULL Pointer dereference vulnerability found in lxml, caused by the iterwalk function (also used by the canonicalize function). This flaw can lead to a crash when the incorrect parser input occurs together with usages.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-2309
|
no information | 7.5 | no information |
Updated packages