14 matches found
Mageia: Security Advisory (MGASA-2019-0160)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated svgsalamander packages fix security vulnerability
A vulnerability was found in the svgsalamander library. If the library is being used in a web application for processing user supplied SVG files then the app is vulnerable to SSRF CVE-2017-5617...
Fedora Update for svgsalamander FEDORA-2019-3cbce64a64
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : svgsalamander (2019-735d3953e8)
New upstream release with security fix for CVE-2017-5617 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 29 : svgsalamander (2019-3cbce64a64)
New upstream release with security fix for CVE-2017-5617 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Debian: Security Advisory (DLA-816-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Server side request forgery (ssrf)
The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...
Debian DSA-3781-1 : svgsalamander - security update
Luc Lynx discovered that SVG Salamander, a SVG engine for Java was susceptible to server side request forgery. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3781. The text itself is...
Debian DLA-816-1 : svgsalamander security update
Luc Lynx discovered a Server-Side Request Forgery in svgSalamander allowing access to the trusted network with specially crafted SVG files. For Debian 7 'Wheezy', these problems have been fixed in version 0svn95-1+deb7u1. We recommend that you upgrade your svgsalamander packages. NOTE: Tenable...
Debian Security Advisory DSA 3781-1 (svgsalamander - security update)
Luc Lynx discovered that SVG Salamander, a SVG engine for Java was susceptible to server side request forgery. OpenVAS Vulnerability Test $Id: deb3781.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3781-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks...
DSA-3781-1 svgsalamander - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3781-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 816-1] svgsalamander security update
Package : svgsalamander Version : 0svn95-1+deb7u1 CVE ID : CVE-2017-5617 Debian Bug : 853134 Luc Lynx discovered a Server-Side Request Forgery in svgSalamander allowing access to the trusted network with specially crafted SVG files. For Debian 7 "Wheezy", these problems have been fixed in version...
DLA-816-1 svgsalamander - security update
Bulletin has no description...