Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-27476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OWSLib is a Python package for client programming with Open Geospatial Consortium OGC web service interface standards, and their related content models. OWSLib'...

8.2CVSS7.2AI score0.00985EPSS
Exploits0References2
Debian
Debian
added 2023/06/25 6:34 p.m.13 views

[SECURITY] [DLA 3470-1] owslib security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3470-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 25, 2023 https://wiki.debian.org/LTS -...

8.2CVSS7.8AI score0.00985EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/06/25 12:0 a.m.21 views

Debian dla-3470 : owslib-doc - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3470 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3470-1 [email protected] https://www.debian.org/lts/security/...

8.2CVSS7.7AI score0.00985EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/06/14 12:0 a.m.22 views

Debian DSA-5426-1 : owslib - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5426 advisory. - OWSLib is a Python package for client programming with Open Geospatial Consortium OGC web service interface standards, and their related content models. OWSLib's XML...

8.2CVSS7.7AI score0.00985EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.13 views

FreeBSD : py39-OWSLib -- arbitrary file read vulnerability (e5d117b3-2153-4129-81ed-42b0221afa78)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e5d117b3-2153-4129-81ed-42b0221afa78 advisory. - OWSLib is a Python package for client programming with Open Geospatial Consortium OGC web service...

8.2CVSS7.7AI score0.00985EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.12 views

Mageia: Security Advisory (MGASA-2023-0112)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.5AI score0.00985EPSS
Exploits0References4
Mageia
Mageia
added 2023/03/24 5:55 a.m.34 views

Updated python-owslib packages fix security vulnerability

XML External Entity XXE Injection CVE-2023-27476...

8.2CVSS7.9AI score0.00985EPSS
Exploits0References2
OSV
OSV
added 2023/03/24 5:55 a.m.4 views

MGASA-2023-0112 Updated python-owslib packages fix security vulnerability

XML External Entity XXE Injection CVE-2023-27476...

8.2CVSS8.3AI score0.00985EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/03/19 12:0 a.m.11 views

Fedora: Security Advisory for mingw-python-OWSLib (FEDORA-2023-8312a80917)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.5AI score0.00985EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/19 12:0 a.m.11 views

Fedora: Security Advisory for mingw-python-OWSLib (FEDORA-2023-ae06b3704c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.5AI score0.00985EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/18 12:0 a.m.20 views

Fedora 37 : mingw-python-OWSLib (2023-8312a80917)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8312a80917 advisory. Update to OWSLib-0.28.1, fixes CVE-2023-27476. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

8.2CVSS7.5AI score0.00985EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/18 12:0 a.m.26 views

Fedora 36 : mingw-python-OWSLib (2023-ae06b3704c)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-ae06b3704c advisory. Update to OWSLib-0.28.1, fixes CVE-2023-27476. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

8.2CVSS7.5AI score0.00985EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/12 12:0 a.m.19 views

Fedora 38 : mingw-python-OWSLib (2023-9a878398a6)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-9a878398a6 advisory. Update to OWSLib-0.28.1, fixes CVE-2023-27476. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

8.2CVSS7.5AI score0.00985EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2023/03/08 12:15 a.m.3 views

ausdex (>=0.2.0 <=0.2.2), geodata-harvester (>=0.0.1 <=0.0.2) +10 more potentially affected by CVE-2023-27476 via owslib (>=0.22.0 <=0.27.2)

owslib PYPI version =0.22.0, =0.2.0, =0.0.1, =0.1.1, =0.7.0, =3.3.3, =0.1.12, =0.2.1, =0.12.0.dev0, =0.1.30, =0.13.2, =0.0.1, =0.1.0, =0.1.2 Source cves: CVE-2023-27476 Source advisory: OSV:PYSEC-2023-86...

8.2CVSS7.2AI score0.00985EPSS
Exploits0
Cvelist
Cvelist
added 2023/03/07 11:20 p.m.23 views

CVE-2023-27476 XML External Entity (XXE) Injection in OWSLib

OWSLib is a Python package for client programming with Open Geospatial Consortium OGC web service interface standards, and their related content models. OWSLib's XML parser which supports both lxml and xml.etree does not disable entity resolution, and could lead to arbitrary file reads from an...

8.2CVSS8.3AI score0.00985EPSS
Exploits0References5
CVE
CVE
added 2023/03/07 11:20 p.m.152 views

CVE-2023-27476

OWSLib (Python) has a vulnerability in its XML parser that does not disable entity resolution, enabling potential arbitrary file reads from attacker-controlled XML payloads across all XML parsing in the codebase. Affected versions prior to 0.28.1; remediation is to upgrade to 0.28.1 or apply the ...

8.2CVSS7.7AI score0.00985EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/07 11:20 p.m.7 views

CVE-2023-27476 XML External Entity (XXE) Injection in OWSLib

OWSLib is a Python package for client programming with Open Geospatial Consortium OGC web service interface standards, and their related content models. OWSLib's XML parser which supports both lxml and xml.etree does not disable entity resolution, and could lead to arbitrary file reads from an...

8.2CVSS8.2AI score0.00985EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2023/03/07 8:41 p.m.3 views

ausdex (>=0.2.0 <=0.2.2), geodata-harvester (>=0.0.1 <=0.0.2) +10 more potentially affected by CVE-2023-27476 via owslib (>=0.22.0 <=0.27.2)

owslib PYPI version =0.22.0, =0.2.0, =0.0.1, =0.1.1, =0.7.0, =3.3.3, =0.1.12, =0.2.1, =0.12.0.dev0, =0.1.30, =0.13.2, =0.0.1, =0.1.0, =0.1.2 Source cves: CVE-2023-27476 Source advisory: OSV:GHSA-8H9C-R582-MGGC...

8.2CVSS7.2AI score0.00985EPSS
Exploits0
Rows per page
Query Builder