Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2020/03/16 12:0 a.m.26 views

GLSA-202003-11 : SVG Salamander: Server-Side Request Forgery

The remote host is affected by the vulnerability described in GLSA-202003-11 SVG Salamander: Server-Side Request Forgery A Server-Side Request Forgery was discovered in SVG Salamander. Impact : An attacker, by sending a specially crafted SVG file, can conduct SSRF. Workaround : There is no known...

7.4CVSS7.3AI score0.01992EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2020/03/14 12:0 a.m.99 views

SVG Salamander: Server-Side Request Forgery

Background SVG Salamander is a light weight SVG renderer and animator for Java. Description A Server-Side Request Forgery was discovered in SVG Salamander. Impact An attacker, by sending a specially crafted SVG file, can conduct SSRF. Workaround There is no known workaround at this time. Resoluti...

7.4CVSS1.1AI score0.01992EPSS
Exploits0
OSV
OSV
added 2018/10/19 4:51 p.m.23 views

GHSA-H3WV-47XM-4MG6 Server Side Request Forgery in svgSalamander

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.4CVSS7.2AI score0.01992EPSS
Exploits0References11
OSV
OSV
added 2017/03/16 3:59 p.m.0 views

DEBIAN-CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.4CVSS7AI score0.01992EPSS
Exploits0References1
NVD
NVD
added 2017/03/16 3:59 p.m.15 views

CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.4CVSS7.3AI score0.01992EPSS
Exploits0References8
OSV
OSV
added 2017/03/16 3:59 p.m.5 views

CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.4CVSS7.3AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2017/03/16 3:59 p.m.20 views

CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.4CVSS7.1AI score0.01992EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/03/16 3:0 p.m.19 views

CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.2AI score0.01992EPSS
Exploits0References8
CVE
CVE
added 2017/03/16 3:0 p.m.96 views

CVE-2017-5617

SVG Salamander (svgSalamander) is affected by CVE-2017-5617: a crafted SVG file can trigger server-side request forgery (SSRF) via an xlink:href attribute in web applications using the library. The vulnerability impacts the SVG rendering component and is described in multiple advisories (e.g., GL...

7.4CVSS7.2AI score0.01992EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2017/03/16 3:0 p.m.36 views

CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.4CVSS7.3AI score0.01992EPSS
Exploits0
CNVD
CNVD
added 2017/02/10 12:0 a.m.4 views

SVG Salamander Server-Side Request Forgery Security Bypass Vulnerability

SVG Salamander is a JAVA renderer and animator. A security bypass vulnerability exists in SVG Salamander. An attacker could use this vulnerability to bypass security constraints to perform unauthorized operations and launch further attacks...

7.4CVSS6.8AI score0.01992EPSS
Exploits0References1
Debian
Debian
added 2017/02/05 5:45 p.m.33 views

[SECURITY] [DSA 3781-1] svgsalamander security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3781-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 05, 2017 https://www.debian.org/security/faq -...

7.4CVSS7.3AI score0.01992EPSS
Exploits0
Rows per page
Query Builder