USN-3841-1: lxml vulnerability
Severity
Medium
Vendor
Canonical Ubuntu
Description
It was discovered that lxml incorrectly handled certain HTML files. An attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks.
CVEs contained in this USN include: CVE-2018-19787
Affected VMware Products and Versions
Severity is medium unless otherwise noted.
- Pivotal Operations Manager is vulnerable in the following releases:
- 2.2.x versions prior to 2.2.13
Mitigation
Users of affected versions should apply the following mitigation:
- Releases that have fixed this issue include:
- Pivotal Operations Manager: 2.2.13