[ https://issues.apache.org/jira/browse/CASSANDRA-17802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brandon Williams updated CASSANDRA-17802:
-----------------------------------------
Resolution: Invalid
Status: Resolved (was: Triage Needed)
We don't use lxml.
> Cassandra 3.11.13 has CVE-2021-43818 and CVE-2022-2309
> -------------------------------------------------------
>
> Key: CASSANDRA-17802
> URL: https://issues.apache.org/jira/browse/CASSANDRA-17802
> Project: Cassandra
> Issue Type: Bug
> Reporter: suman agrawal
> Priority: Normal
>
> Hi Team,
>
> The latest version of Cassandra, 3.11.13, has the below security vulnerabilities:
> |CVE-2022-2309|python|high|lxml|3.2.1|UNKNOWN|fixed in 4.9.1|NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.|
> |CVE-2021-43818|python|high|lxml|3.2.1| |fixed in 4.6.5|lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.|
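The two scanner rows above each state an affected range, and CVE-2022-2309 only applies when a vulnerable lxml is paired with a specific libxml2 range; a scanner that reports the lxml version alone cannot settle that. The following is an added example, not code from the ticket, from Cassandra or from the lxml project: it encodes exactly the ranges the ticket text gives and returns which of the two CVEs apply to a given lxml/libxml2 pair, and optionally reads the versions from a live lxml install (the `etree.LXML_VERSION` and `etree.LIBXML_VERSION` tuples). The version strings used as input are constructed; the row's "3.2.1" is taken from the ticket.

```python
"""Applicability check for the two lxml CVEs quoted in the ticket.

Added example, not code from the ticket or from Cassandra/lxml. Ranges are
taken verbatim from the ticket text:
  - CVE-2022-2309: lxml before 4.9.1, only together with libxml2 2.9.10..2.9.14
  - CVE-2021-43818: lxml before 4.6.5 (HTML Cleaner), no workaround
Version strings are assumed to be dotted integers such as "4.6.5".
"""
from typing import List, Optional, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """Turn '4.9.1' into (4, 9, 1); a non-numeric suffix such as 'rc1' is dropped."""
    parts = []
    for piece in text.strip().split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            break
        parts.append(int(digits))
    if not parts:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(parts)


def cve_2022_2309_applies(lxml_version: str, libxml2_version: Optional[str]) -> bool:
    """NULL pointer dereference in iterwalk/canonicalize: both conditions must hold."""
    lxml_vulnerable = parse_version(lxml_version) < (4, 9, 1)
    if libxml2_version is None:
        # Without the libxml2 version the second condition cannot be ruled out,
        # so a vulnerable lxml is reported as applicable (conservative choice).
        return lxml_vulnerable
    lib = parse_version(libxml2_version)
    return lxml_vulnerable and (2, 9, 10) <= lib <= (2, 9, 14)


def cve_2021_43818_applies(lxml_version: str) -> bool:
    """HTML Cleaner script pass-through: depends on the lxml version only."""
    return parse_version(lxml_version) < (4, 6, 5)


def assess(lxml_version: str, libxml2_version: Optional[str] = None) -> List[str]:
    """Return the ticket's CVE ids that apply to this lxml/libxml2 pair."""
    found = []
    if cve_2022_2309_applies(lxml_version, libxml2_version):
        found.append("CVE-2022-2309")
    if cve_2021_43818_applies(lxml_version):
        found.append("CVE-2021-43818")
    return found


def assess_installed() -> Optional[List[str]]:
    """Read the versions from a live lxml install.

    Returns None when lxml is not importable at all, which for a component that
    does not ship lxml (the ticket's resolution for Cassandra) is the answer.
    """
    try:
        from lxml import etree
    except ImportError:
        return None
    lxml_v = ".".join(str(n) for n in etree.LXML_VERSION[:3])
    libxml2_v = ".".join(str(n) for n in etree.LIBXML_VERSION[:3])
    return assess(lxml_v, libxml2_v)


if __name__ == "__main__":
    # Constructed inputs: the scanner row's lxml 3.2.1 paired with a libxml2
    # inside and then outside the affected range.
    print(assess("3.2.1", "2.9.12"))  # ['CVE-2022-2309', 'CVE-2021-43818']
    print(assess("3.2.1", "2.9.9"))   # ['CVE-2021-43818']
    print(assess_installed())
```

The libxml2 pairing is the point of the first function: the same lxml 3.2.1 reported in the ticket is affected by CVE-2022-2309 against libxml2 2.9.12 but not against 2.9.9, so a row that lists only the Python package version (as the scanner row does) cannot by itself establish that finding.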
--
This message was sent by Atlassian Jira (v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]