5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.9%
Updated xmltooling and opensaml packages fix security vulnerability: The InCommon Shibboleth Training team discovered that XMLTooling, a C++ XML parsing library, did not properly handle an exception when parsing well-formed but schema-invalid XML. This could allow remote attackers to cause a denial of service (crash) via crafted XML data (CVE-2015-0851).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | xmltooling | < 1.5.3-3.1 | xmltooling-1.5.3-3.1.mga4 |
Mageia | 4 | noarch | opensaml | < 2.5.2-4.1 | opensaml-2.5.2-4.1.mga4 |
Mageia | 5 | noarch | xmltooling | < 1.5.3-5.1 | xmltooling-1.5.3-5.1.mga5 |
Mageia | 5 | noarch | opensaml | < 2.5.2-6.1 | opensaml-2.5.2-6.1.mga5 |