Workflow

Lxml

Latest version: v5.2.1

The latest version of lxml with no known security vulnerabilities is 5.2.1. We recommend installing version 5.2.1.

The information on this page was curated by experts in our Cybersecurity Intelligence Team.

Latest release
v5.2.1 at April 2, 2024
License
BSD-3-Clause (BSD 3-Clause "New" or "Revised" License)

Description

Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API.

Resources

Vulnerabilities (8)

See all vulnerabilities
CVE-2022-2309
Affected versions:

<4.9.1

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dere…
CVE-2021-43818
Affected versions:

<4.6.5

Lxml 4.6.5 includes a fix for CVE-2021-43818: Prior to version…
CVE-2021-28957
Affected versions:

<4.6.3

Lxml version 4.6.3 includes a fix for CVE-2021-28957: An XSS v…
CVE-2020-27783
Affected versions:

<4.6.2

Lxml 4.6.2 includes a fix for CVE-2020-27783: A XSS vulnerabil…
PVE-2021-39195
Affected versions:

<4.4.0

In lxml before 4.4.0, when writing to file paths that contain …
CVE-2018-19787
Affected versions:

<4.2.5

Lxml 4.2.5 includes a fix for CVE-2018-19787: lxml/html/clean.…

Versions (112)

See all versions

Has known vulnerabilities

  • 5.2.1
  • 5.2.0
  • 5.1.1
  • 5.1.0
  • 5.0.2
  • 5.0.1
  • 5.0.0
  • 4.9.4
  • 4.9.3
  • 4.9.2
  • 4.9.1
  • 4.9.0
  • 4.8.0
  • 4.7.1
  • 4.6.5
  • 4.6.4
  • 4.6.3
  • 4.6.2
  • 4.6.1
  • 4.6.0