Lucene search
GoogleOSV:GHSA-R2MJ-8WGQ-73M6HistoryAug 09, 2021 - 8:43 p.m.
XML External Entity Reference in Glances
2021-08-0920:43:14
Google
osv.dev
12
glances
xml
external entity
xxe injection
fault
vulnerable
xml attacks
software
EPSS
0.019
Percentile
88.7%
The package glances before 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks.
References
github.com/nicolargo/glances
github.com/nicolargo/glances/commit/4b87e979afdc06d98ed1b48da31e69eaa3a9fb94
github.com/nicolargo/glances/commit/85d5a6b4af31fcf785d5a61086cbbd166b40b07a
github.com/nicolargo/glances/commit/9d6051be4a42f692392049fdbfc85d5dfa458b32
github.com/nicolargo/glances/issues/1025
nvd.nist.gov/vuln/detail/CVE-2021-23418
snyk.io/vuln/SNYK-PYTHON-GLANCES-1311807
Related
debiancve
debiancve
CVE-2021-23418
2021-07-29 18:15:07
ubuntu
ubuntu
Glances vulnerability
2022-07-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5187-1)
2023-01-27 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2021-23418 XML External Entity (XXE) Injection
2021-07-29 17:50:12
cve
cve
CVE-2021-23418
2021-07-29 18:15:07
github
github
XML External Entity Reference in Glances
2021-08-09 20:43:14
osv
osv
glances vulnerability
2022-07-25 12:04:48
CVE-2021-23418
2021-07-29 18:15:07
PYSEC-2021-115
2021-07-29 18:15:00
prion
prion
Xxe
2021-07-29 18:15:00
gitlab
gitlab
Improper Restriction of XML External Entity Reference
2021-08-09 00:00:00
nvd
nvd
CVE-2021-23418
2021-07-29 18:15:07
alpinelinux
alpinelinux
CVE-2021-23418
2021-07-29 18:15:00
ubuntucve
ubuntucve
CVE-2021-23418
2021-07-29 00:00:00