Описание
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| unoconv | fixed | 0.7-2 | package | |
| unoconv | no-dsa | buster | package | |
| unoconv | no-dsa | stretch | package | |
| unoconv | no-dsa | jessie | package |
Примечания
https://github.com/unoconv/unoconv/pull/510
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 6 лет назад
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
CVSS3: 7.5
redhat
больше 6 лет назад
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
CVSS3: 7.5
nvd
больше 6 лет назад
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
