Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-0267

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.01228EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.33 views

Fedora 39 : fonttools (2024-6d1d9f70d2)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6d1d9f70d2 advisory. Security fix for CVE-2023-45139 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7.5CVSS7.4AI score0.01228EPSS
Exploits1References2
NVD
NVD
added 2024/01/10 4:15 p.m.14 views

CVE-2023-45139

fontTools is a library for manipulating fonts, written in Python. The subsetting module has a XML External Entity Injection XXE vulnerability which allows an attacker to resolve arbitrary entities when a candidate font OT-SVG fonts, which contains a SVG table, is parsed. This allows attackers to...

7.5CVSS7.6AI score0.01228EPSS
Exploits1References6
OSV
OSV
added 2024/01/10 4:15 p.m.3 views

UBUNTU-CVE-2023-45139

fontTools is a library for manipulating fonts, written in Python. The subsetting module has a XML External Entity Injection XXE vulnerability which allows an attacker to resolve arbitrary entities when a candidate font OT-SVG fonts, which contains a SVG table, is parsed. This allows attackers to...

7.5CVSS5.9AI score0.01228EPSS
Exploits1References6
OSV
OSV
added 2024/01/10 4:3 p.m.21 views

CVE-2023-45139 fonttools XML External Entity Injection (XXE) Vulnerability

fontTools is a library for manipulating fonts, written in Python. The subsetting module has a XML External Entity Injection XXE vulnerability which allows an attacker to resolve arbitrary entities when a candidate font OT-SVG fonts, which contains a SVG table, is parsed. This allows attackers to...

7.5CVSS7.7AI score0.01228EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2024/01/10 4:3 p.m.16 views

CVE-2023-45139

fontTools is a library for manipulating fonts, written in Python. The subsetting module has a XML External Entity Injection XXE vulnerability which allows an attacker to resolve arbitrary entities when a candidate font OT-SVG fonts, which contains a SVG table, is parsed. This allows attackers to...

7.5CVSS7.6AI score0.01228EPSS
Exploits1
Rows per page
Query Builder