Source: python-pyrdfa
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for python-pyrdfa.

CVE-2022-4396[0]:
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in RDFlib
| pyrdfa3 and classified as problematic. This issue affects the function
| _get_option of the file pyRdfa/__init__.py. The manipulation leads to
| cross site scripting. The attack may be initiated remotely. The name
| of the patch is ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e. It is
| recommended to apply a patch to fix this issue. The identifier
| VDB-215249 was assigned to this vulnerability. NOTE: This
| vulnerability only affects products that are no longer supported by
| the maintainer.

https://github.com/RDFLib/pyrdfa3/pull/40
https://github.com/RDFLib/pyrdfa3/commit/ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-4396
    https://www.cve.org/CVERecord?id=CVE-2022-4396

Please adjust the affected versions in the BTS as needed.