26 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-1000061
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or...
RHEL 5 : xmlsec1 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xmlsec1: xmlsec vulnerable to external entity expansion CVE-2017-1000061 Note that Nessus has not tested for this...
SUSE CVE-2017-1000061
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service...
Ubuntu 16.04 ESM : XML Security Library vulnerability (USN-5674-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5674-1 advisory. It was discovered that XML Security Library incorrectly handled certain input documents. An attacker could possibly use this issue to obtain sensitive information...
Mageia: Security Advisory (MGASA-2017-0305)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0104)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 31 : xmlsec1 (2020-9573355ff4)
Update to 1.2.29 that's required by LibreOffice 6.4. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issue...
Huawei EulerOS: Security Advisory for xmlsec1 (EulerOS-SA-2017-1194)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for xmlsec1 (EulerOS-SA-2017-1193)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: GraphicsMagick
Issue Overview: The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. CVE-2017-1000061 Affected Packages: GraphicsMagick Issue Correction: Run yum update GraphicsMagick or yum update --advisory...
Medium: xmlsec1
Issue Overview: It was discovered xmlsec1's use of libxml2 inadvertently enabled external entity expansion XXE along with validation. An attacker could craft an XML file that would cause xmlsec1 to try and read local files or HTTP/FTP URLs, leading to information disclosure or denial of service...
EulerOS 2.0 SP2 : xmlsec1 (EulerOS-SA-2017-1194)
According to the version of the xmlsec1 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was discovered xmlsec1's use of libxml2 inadvertently enabled external entity expansion XXE along with validation. An attacker could craft an X...
CentOS 7 : xmlsec1 (CESA-2017:2492)
An update for xmlsec1 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
xmlsec1 security update
CentOS Errata and Security Advisory CESA-2017:2492 An update for xmlsec1 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Updated xmlsec1 packages fix security vulnerability
It was discovered xmlsec1's use of libxml2 inadvertently enabled external entity expansion XXE along with validation. An attacker could craft an XML file that would cause xmlsec1 to try and read local files or HTTP/FTP URLs, leading to information disclosure or denial of service CVE-2017-1000061...
RHEL 7 : xmlsec1 (RHSA-2017:2492)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2492 advisory. XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards XML...
Scientific Linux Security Update : xmlsec1 on SL7.x x86_64 (20170821)
Security Fixes : - It was discovered xmlsec1's use of libxml2 inadvertently enabled external entity expansion XXE along with validation. An attacker could craft an XML file that would cause xmlsec1 to try and read local files or HTTP/FTP URLs, leading to information disclosure or denial of servic...
Oracle Linux 7 : xmlsec1 (ELSA-2017-2492)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2492 advisory. - CVE-2017-1000061 - CVE-2017-1000061 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...
Moderate: Red Hat Security Advisory: xmlsec1 security update
An update for xmlsec1 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
xmlsec1 security update
1.2.20-7 - CVE-2017-1000061 - Related: 1472092 - Fix mis-applied patch hunk 1.2.20-6 - CVE-2017-1000061 - Resolves: 1472092...