Описание
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [2.0108+dfsg-1ubuntu0.1]] |
| precise | released | 1.89+dfsg-1ubuntu0.1 |
| trusty | released | 2.0108+dfsg-1ubuntu0.1 |
| trusty/esm | DNE | trusty was released [2.0108+dfsg-1ubuntu0.1] |
| upstream | released | 2.0116+dfsg-2 |
| utopic | released | 2.0116+dfsg-1ubuntu0.14.10.1 |
| vivid | released | 2.0116+dfsg-1ubuntu0.15.04.1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
The _clone function in XML::LibXML before 2.0119 does not properly set ...
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
EPSS
5 Medium
CVSS2