Описание
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-1000061
- https://github.com/lsh123/xmlsec/issues/43
- https://access.redhat.com/errata/RHSA-2017:2492
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3PWHBRWXR3RNPHDSTQI6UWDG5ETOQ7VR
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3PWHBRWXR3RNPHDSTQI6UWDG5ETOQ7VR
- https://www.oracle.com/security-alerts/cpuApr2021.html
Связанные уязвимости
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansio ...
