11 matches found
EUVD-2018-0597
Malware in sbrugna...
CVE-2017-1000498
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution...
com.graphhopper:graphhopper-android (>=0.4.0 <=0.11.0), org.mapsforge:mapsforge-map-android (>=0.7.0 <=0.9.1) +5 more potentially affected by CVE-2017-1000498 via com.caverock:androidsvg (=1.2.2-beta-1)
com.caverock:androidsvg MAVEN version =1.2.2-beta-1 is affected by a known vulnerability. The following packages have a transitive dependency on com.caverock:androidsvg and may be impacted: - com.graphhopper:graphhopper-android =0.4.0, =0.7.0, =0.7.0, =0.6.0, =0.6.0, =5.4, =6.0.3 Source cves:...
GHSA-G556-X5VX-QH59 Android SVG vulnerable to XML External Entity (XXE)
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution...
Android SVG vulnerable to XML External Entity (XXE)
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution...
AndroidSVG SVG Parsing Component Denial of Service Vulnerability
AndroidSVG is a SVG Scalable Vector Graphics parser and renderer for Android.SVG parsing component is one of the SVG parsing components. A security vulnerability exists in the SVG parsing component in AndroidSVG version 1.2.2. A remote attacker can exploit this vulnerability to cause a denial of...
CVE-2017-1000498
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution...
CVE-2017-1000498
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution...
Remote code execution
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution...
CVE-2017-1000498
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution...
CVE-2017-1000498
CVE-2017-1000498 affects AndroidSVG v1.2.2. The vulnerability is an XML External Entity (XXE) issue in the SVG parsing component, enabling denial of service and potentially remote code execution. No exploitation details are provided in the supplied documents. References/variants in connected sour...