12 matches found
GLSA-202003-11 : SVG Salamander: Server-Side Request Forgery
The remote host is affected by the vulnerability described in GLSA-202003-11 SVG Salamander: Server-Side Request Forgery A Server-Side Request Forgery was discovered in SVG Salamander. Impact : An attacker, by sending a specially crafted SVG file, can conduct SSRF. Workaround : There is no known...
SVG Salamander: Server-Side Request Forgery
Background SVG Salamander is a light weight SVG renderer and animator for Java. Description A Server-Side Request Forgery was discovered in SVG Salamander. Impact An attacker, by sending a specially crafted SVG file, can conduct SSRF. Workaround There is no known workaround at this time. Resoluti...
GHSA-H3WV-47XM-4MG6 Server Side Request Forgery in svgSalamander
The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...
DEBIAN-CVE-2017-5617
The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...
CVE-2017-5617
The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...
CVE-2017-5617
The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...
CVE-2017-5617
The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...
CVE-2017-5617
The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...
CVE-2017-5617
SVG Salamander (svgSalamander) is affected by CVE-2017-5617: a crafted SVG file can trigger server-side request forgery (SSRF) via an xlink:href attribute in web applications using the library. The vulnerability impacts the SVG rendering component and is described in multiple advisories (e.g., GL...
CVE-2017-5617
The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...
SVG Salamander Server-Side Request Forgery Security Bypass Vulnerability
SVG Salamander is a JAVA renderer and animator. A security bypass vulnerability exists in SVG Salamander. An attacker could use this vulnerability to bypass security constraints to perform unauthorized operations and launch further attacks...
[SECURITY] [DSA 3781-1] svgsalamander security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3781-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 05, 2017 https://www.debian.org/security/faq -...