All 3 CVE vulnerabilities found in lxml_html_clean, with AI-generated Chinese analysis, references, and POCs.
Vendor: fedora-python
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28350 | lxml_html_clean: <base> tag injection through default Cleaner configuration CWE-116 | 6.1 | Medium | 2026-03-05 |
| CVE-2026-28348 | lxml_html_clean: CSS @import Filter Bypass via Unicode Escapes CWE-116 | 6.1 | Medium | 2026-03-05 |
| CVE-2024-52595 | HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through CWE-79 | 7.7 | High | 2024-11-19 |
All 3 known CVE vulnerabilities affecting lxml_html_clean with full Chinese analysis, references, and POCs where available.