Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-5661

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. T...

7.9CVSS7.3AI score0.0296EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.10 views

RHEL 6 : fop (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - fop: XML external entity processing vulnerability CVE-2017-5661 Note that Nessus has not tested for this issue but...

7.3CVSS7.2AI score0.0296EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.10 views

RHEL 7 : fop (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - fop: XML external entity processing vulnerability CVE-2017-5661 Note that Nessus has not tested for this issue but...

7.3CVSS7.2AI score0.0296EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 12:35 p.m.16 views

Security Bulletin: Vulnerability found in fop-1.1.jar which is shipped with IBM® Intelligent Operations Center(CVE-2017-5661)

Summary Vulnerability have been identified in fop-1.1.jar which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2017-5661...

7.9CVSS7.5AI score0.0296EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.43 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.2AI score0.9947EPSS
Exploits94References7
Tenable Nessus
Tenable Nessus
added 2021/07/31 12:0 a.m.85 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.1AI score0.9947EPSS
Exploits94References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.17 views

Security Bulletin: Security vulnerability in Apache FOP affects IBM® Rational® Quality Manager

Summary Security Vulnerability in Apache FOP shipped with IBM Rational Quality Manager was disclosed. IBM Rational Quality Manager has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-5661 DESCRIPTION: Apache FOP could allow a remote authenticated attacker to obtain sensitive...

7.9CVSS0.2AI score0.0296EPSS
Exploits1Affected Software2
Debian
Debian
added 2017/05/27 10:1 p.m.23 views

[SECURITY] [DSA 3864-1] fop security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3864-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 27, 2017 https://www.debian.org/security/faq -...

7.9CVSS7.2AI score0.0296EPSS
Exploits1
ArchLinux
ArchLinux
added 2017/05/21 12:0 a.m.27 views

[ASA-201705-19] fop: xml external entity injection

Arch Linux Security Advisory ASA-201705-19 ========================================== Severity: Medium Date : 2017-05-21 CVE-ID : CVE-2017-5661 Package : fop Type : xml external entity injection Remote : Yes Link : https://security.archlinux.org/AVG-254 Summary ======= The package fop before...

7.9CVSS0.8AI score0.0296EPSS
Exploits1References3
Debian
Debian
added 2017/04/29 4:35 p.m.20 views

[SECURITY] [DLA 927-1] fop security update

Package : fop Version : 1:1.0.dfsg2-6+deb7u1 CVE ID : CVE-2017-5661 Debian Bug : 860567 In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the use...

7.9CVSS7.2AI score0.0296EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2017/04/19 2:18 p.m.27 views

CVE-2017-5661

In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full...

7.9CVSS4.2AI score0.0296EPSS
Exploits1References1
0day.today
0day.today
added 2017/04/19 12:0 a.m.76 views

Apache XML Graphics FOP 2.1 Information Disclosure Vulnerability

Exploit for multiple platform in category remote exploits CVE-2017-5661: Apache XML Graphics FOP information disclosure vulnerability Severity: Medium Vendor: The Apache Software Foundation Versions Affected: FOP 1.0 - 2.1 Description: Files lying on the filesystem of the server which uses batik...

7.9CVSS7.4AI score0.0296EPSS
Exploits1
OSV
OSV
added 2017/04/18 2:59 p.m.5 views

CVE-2017-5661

In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full...

7.3CVSS7.1AI score
Exploits0References4
CVE
CVE
added 2017/04/18 2:0 p.m.147 views

CVE-2017-5661

CVE-2017-5661 is described in connected IBM documentation as affecting IBM Intelligent Operations Center (IOC) with fop-1.1.jar. The root cause is an XML External Entity (XXE) processing vulnerability when handling SVG/XML, potentially allowing a remote attacker to obtain sensitive information; i...

7.9CVSS7.1AI score0.0296EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2017/04/18 2:0 p.m.21 views

CVE-2017-5661

In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full...

7.9CVSS7.2AI score0.0296EPSS
Exploits1
Cvelist
Cvelist
added 2017/04/18 2:0 p.m.15 views

CVE-2017-5661

In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full...

7.2AI score0.0296EPSS
Exploits1References4
Rows per page
Query Builder