22 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XX...
RHEL 7 : perl-xml-libxml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-XML-LibXML: Use-after-free by controlling the arguments to a replaceChild call CVE-2017-10672 - The...
RHEL 6 : perl-xml-libxml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-XML-LibXML: Use-after-free by controlling the arguments to a replaceChild call CVE-2017-10672 - The...
Debian: Security Advisory (DLA-214-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0199)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1439-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : perl-XML-LibXML (openSUSE-2015-571)
perl-XML-LibXML was updated to version 2.0.121 to fix one security vulnerability. - Fix 'expandentities' option that was not preserved under some circumstances. bsc929237, CVE-2015-3451 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...
SUSE SLED12 / SLES12 Security Update : perl-XML-LibXML (SUSE-SU-2015:1439-1)
perl-XML-LibXML was updated to fix the expandentities option to be preserved in all cases. CVE-2015-3451. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much a...
SUSE-SU-2015:1439-1 Security update for perl-XML-LibXML
perl-XML-LibXML was updated to fix the expandentities option to be preserved in all cases. CVE-2015-3451...
CVE-2015-3451
The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...
CVE-2015-3451
CVE-2015-3451 affects XML::LibXML prior to 2.0119. The _clone function does not properly preserve or set the expand_entities option, enabling XML external entity (XXE) attacks via crafted XML data to the new or load_xml entry points. The connected sources confirm the vulnerable component and the ...
Fedora 20 : perl-XML-LibXML-2.0119-1.fc20 (2015-7258)
Security fix for Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...
Fedora 21 : perl-XML-LibXML-2.0119-1.fc21 (2015-7115)
Security fix for Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...
Mandriva Linux Security Advisory : perl-XML-LibXML (MDVSA-2015:231)
Updated perl-XML-LibXML package fixes security vulnerability : Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected...
MGASA-2015-0199 Updated perl-XML-LibXML packages fix CVE-2015-3451
Updated perl-XML-LibXML package fixes security vulnerability: Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected...
Updated perl-XML-LibXML packages fix CVE-2015-3451
Updated perl-XML-LibXML package fixes security vulnerability: Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected...
[USN-2592-1] XML::LibXML vulnerability
========================================================================== Ubuntu Security Notice USN-2592-1 May 04, 2015 libxml-libxml-perl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
Debian DSA-3243-1 : libxml-libxml-perl - security update
Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending ...
[SECURITY] [DSA 3243-1] libxml-libxml-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3243-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 01, 2015 http://www.debian.org/security/faq -...
CVE-2015-3451
The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...