Lucene search
GoogleOSV:PYSEC-2021-115HistoryJul 29, 2021 - 6:15 p.m.
PYSEC-2021-115
2021-07-2918:15:00
Google
osv.dev
50
glances
xml external entity injection
fault
untrusted xml data
vulnerability
EPSS
0.019
Percentile
88.7%
The package glances before 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks.
References
github.com/advisories/GHSA-r2mj-8wgq-73m6
github.com/nicolargo/glances/commit/4b87e979afdc06d98ed1b48da31e69eaa3a9fb94
github.com/nicolargo/glances/commit/85d5a6b4af31fcf785d5a61086cbbd166b40b07a
github.com/nicolargo/glances/commit/9d6051be4a42f692392049fdbfc85d5dfa458b32
github.com/nicolargo/glances/issues/1025
snyk.io/vuln/SNYK-PYTHON-GLANCES-1311807
Related
debiancve
debiancve
CVE-2021-23418
2021-07-29 18:15:07
ubuntu
ubuntu
Glances vulnerability
2022-07-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5187-1)
2023-01-27 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2021-23418 XML External Entity (XXE) Injection
2021-07-29 17:50:12
cve
cve
CVE-2021-23418
2021-07-29 18:15:07
github
github
XML External Entity Reference in Glances
2021-08-09 20:43:14
osv
osv
XML External Entity Reference in Glances
2021-08-09 20:43:14
CVE-2021-23418
2021-07-29 18:15:07
glances vulnerability
2022-07-25 12:04:48
prion
prion
Xxe
2021-07-29 18:15:00
gitlab
gitlab
Improper Restriction of XML External Entity Reference
2021-08-09 00:00:00
nvd
nvd
CVE-2021-23418
2021-07-29 18:15:07
alpinelinux
alpinelinux
CVE-2021-23418
2021-07-29 18:15:00
ubuntucve
ubuntucve
CVE-2021-23418
2021-07-29 00:00:00