CVE-2017-5992

Опубликовано: 15 фев. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5.8

CVSS3: 8.2

Описание

Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	2.4.9-1
cosmic	not-affected	2.4.9-1
devel	not-affected	2.4.9-1
disco	not-affected	2.4.9-1
eoan	not-affected	2.4.9-1
esm-apps/bionic	not-affected	2.4.9-1
esm-apps/focal	not-affected	2.4.9-1
esm-apps/jammy	not-affected	2.4.9-1
esm-apps/xenial	released	2.3.0-1ubuntu0.1~esm1

Показывать по

Ссылки на источники

EPSS

Процентиль: 67%

0.00528

Низкий

5.8 Medium

CVSS2

8.2 High

CVSS3

Связанные уязвимости

CVE-2017-5992

CVSS3: 8.2

nvd

почти 9 лет назад

Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.

CVE-2017-5992

CVSS3: 8.2

debian

почти 9 лет назад

Openpyxl 2.4.1 resolves external entities by default, which allows rem ...

openSUSE-SU-2018:0522-1

suse-cvrf

почти 8 лет назад

Security update for python3-openpyxl

openSUSE-SU-2018:0108-1

suse-cvrf

около 8 лет назад

Security update for python-openpyxl

GHSA-chqf-hx79-gxc6

CVSS3: 8.2

github

больше 3 лет назад

Improper Restriction of XML External Entity Reference in Openpyxl

EPSS

Процентиль: 67%

0.00528

Низкий

5.8 Medium

CVSS2

8.2 High

CVSS3

CVE-2017-5992

Описание

Пакет openpyxl

Ссылки на источники

Связанные уязвимости