3 matches found
CVE-2024-34711 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. By default, GeoServer use...
MGASA-2015-0199 Updated perl-XML-LibXML packages fix CVE-2015-3451
Updated perl-XML-LibXML package fixes security vulnerability: Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected...
[SECURITY] [DSA 3243-1] libxml-libxml-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3243-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 01, 2015 http://www.debian.org/security/faq -...