Описание
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.39-1 |
| cosmic | not-affected | 1.39-1 |
| devel | not-affected | 1.39-1 |
| disco | not-affected | 1.39-1 |
| eoan | not-affected | 1.39-1 |
| esm-apps/bionic | not-affected | 1.39-1 |
| esm-apps/focal | not-affected | 1.39-1 |
| esm-apps/jammy | not-affected | 1.39-1 |
| esm-apps/noble | not-affected | 1.39-1 |
Показывать по
5.8 Medium
CVSS2
7.1 High
CVSS3
Связанные уязвимости
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure.
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure.
perl-Image-Info: When parsing an SVG file, external entity expansion ( ...
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure.
5.8 Medium
CVSS2
7.1 High
CVSS3