You need to add namespace prefixes in the xpath expression:
tree = etree.fromstring(open("c:/temp/CVE/sample.xml").read()).getroottree().getroot()for descript in tree.xpath('//ns:entry/ns:desc/ns:descript', namespaces={'ns': 'http://nvd.nist.gov/feeds/cve/1.2'}): print descript.text print descript.attrib.get('source')Prints:
Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to bypass intended access restrictions via unknown vectors.cveHP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.cveAlso see this relevant thread:
