CVE-2018-0486

🗓️ 15 Jan 2018 16:20:49Reported by redhat.comType

Shibboleth XMLTooling-C mishandles digital signatures, allowing remote attackers to obtain sensitive information or conduct impersonation attacks via crafted DTD

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 41
Tenable Nessus	FreeBSD : shibboleth-sp -- vulnerable to forged user attribute data (3dbe9492-f7b8-11e7-a12d-6cc21735f730)	15 Jan 201800:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : xmltooling (SUSE-SU-2018:0140-1)	9 Mar 201800:00	–	nessus
Tenable Nessus	Debian DLA-1242-1 : xmltooling security update	15 Jan 201800:00	–	nessus
Tenable Nessus	openSUSE Security Update : xmltooling (openSUSE-2018-65)	22 Jan 201800:00	–	nessus
Tenable Nessus	Debian DSA-4085-1 : xmltooling - security update	15 Jan 201800:00	–	nessus
Tenable Nessus	openSUSE Security Update : xmltooling (openSUSE-2018-276)	19 Mar 201800:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : xmltooling (SUSE-SU-2018:0720-1)	19 Mar 201800:00	–	nessus
NVD	CVE-2018-0486	13 Jan 201818:29	–	nvd
NVD	CVE-2018-0489	27 Feb 201815:29	–	nvd
Debian	[SECURITY] [DSA 4085-1] xmltooling security update	12 Jan 201822:14	–	debian

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Jan 2018 16:49Current

5.8Medium risk

Vulners AI Score5.8

EPSS0.00921