VulnerableCode Package Details - pkg:pypi/html5lib@0.10

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/html5lib@0.10

Essentials
History (2)

purl	pkg:pypi/html5lib@0.10

Next non-vulnerable version	0.999999999
Latest non-vulnerable version	0.999999999
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-hks7-63m9-cbgq Aliases: CVE-2016-9909 GHSA-v9v9-xffq-rwr4 PYSEC-2017-14	The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the < (less than) character in attribute values.	0.999999999 Affected by 0 other vulnerabilities.
VCID-xdme-w78p-pkbb Aliases: CVE-2016-9910 GHSA-8f6m-gfq9-g33v PYSEC-2017-15	The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909.	0.999999999 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:04:30.610347+00:00	Pypa Importer	Affected by	VCID-xdme-w78p-pkbb	https://github.com/pypa/advisory-database/blob/main/vulns/html5lib/PYSEC-2017-15.yaml	38.6.0
2026-06-02T04:04:30.512667+00:00	Pypa Importer	Affected by	VCID-hks7-63m9-cbgq	https://github.com/pypa/advisory-database/blob/main/vulns/html5lib/PYSEC-2017-14.yaml	38.6.0