18 matches found
EUVD-2021-0215
Malware in sbrugna...
CVE-2021-39371
An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
Debian DLA-2754-1 : pywps - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2754 advisory. DLA text goes here For Debian 9 stretch, this problem has been fixed in version 4.0.0-3+deb9u1. We recommend that you upgrade your pywps packages. For the detailed security...
Debian: Security Advisory (DLA-2754-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2754-1] pywps security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2754-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA September 04, 2021 https://wiki.debian.org/LTS -...
DLA-2754-1 pywps - security update
Bulletin has no description...
XML External Entity Injection in PyWPS
An XML external entity XXE injection in PyWPS before 4.5.0 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
GHSA-P9WF-3XPG-C9G5 XML External Entity Injection in PyWPS
An XML external entity XXE injection in PyWPS before 4.5.0 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
XML External Entity (XXE) Injection
pywps is vulnerable to XML External Entity XXE Injection. An attacker is able to view files on the application server filesystem as the lxml default parser allows assigning a path to the entity...
CVE-2021-39371
An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
CVE-2021-39371
An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
Xxe
An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
CVE-2021-39371
An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
PYSEC-2021-121
An XML external entity XXE injection in PyWPS before 4.5.0 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
PYSEC-2021-121
An XML external entity XXE injection in PyWPS before 4.5.0 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
CVE-2021-39371
An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
CVE-2021-39371
CVE-2021-39371 is an XXE injection in PyWPS prior to 4.4.5, with OWSLib 0.24.1 possibly affected. The vulnerability allows an attacker to view files on the application server filesystem by supplying a path to an XML external entity. The connected advisories indicate remediation by upgrading PyWPS...
CVE-2021-39371
An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...