Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-1881

Опубликовано: 17 авг. 2013
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Отчет

This issue did not affect the versions of librsvg2 as shipped with Red Hat Enterprise Linux 5.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5librsvg2Not affected
Red Hat Enterprise Linux 7librsvg2Not affected
Red Hat Enterprise Linux 6librsvg2FixedRHSA-2014:012703.02.2014

Показывать по

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=924414librsvg2: local resource access vulnerability due to XML External Entity enablement

EPSS

Процентиль: 92%
0.07767
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu
почти 12 лет назад

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

nvd
почти 12 лет назад

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

debian
почти 12 лет назад

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary f ...

suse-cvrf
почти 10 лет назад

Security update for librsvg

github
больше 3 лет назад

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

EPSS

Процентиль: 92%
0.07767
Низкий

4.3 Medium

CVSS2