Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-18197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as...

9.8CVSS8.1AI score0.02954EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.3 views

SUSE CVE-2017-18197

In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as demonstrated by /ServerView...

9.8CVSS7AI score0.02954EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/04/23 12:0 a.m.16 views

Fedora 26 : jgraphx (2018-b3f8bee2e0)

Security fix for CVE-2017-18197 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

9.8CVSS8.2AI score0.02954EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/04/23 12:0 a.m.13 views

Fedora 27 : jgraphx (2018-b268b5bbb5)

Security fix for CVE-2017-18197 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

9.8CVSS8.2AI score0.02954EPSS
Exploits1References2
OSV
OSV
added 2018/02/24 2:29 a.m.1 views

DEBIAN-CVE-2017-18197

In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as demonstrated by /ServerView...

9.8CVSS9.3AI score0.02954EPSS
Exploits1References1
CVE
CVE
added 2018/02/24 2:0 a.m.58 views

CVE-2017-18197

CVE-2017-18197 affects mxGraph (before 3.7.6). In mxGraphViewImageReader.java, the SAXParserFactory used in convert() lacks XXE-defensive flags, enabling XML External Entity attacks (as demonstrated by /ServerView). Public disclosures and advisories (GHSA-wvpv-8524-wg6x; Fed/Debian/Nessus entries...

9.8CVSS9.2AI score0.02954EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2018/02/24 2:0 a.m.14 views

CVE-2017-18197

In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as demonstrated by /ServerView...

9.8CVSS9.4AI score0.02954EPSS
Exploits1
Rows per page
Query Builder