Astra Linux - уязвимость в unoconv

The unoconv package before version 0.9 mishandles untrusted pathnames, resulting in SSRF and local file inclusions...

MiracleLinux 7 : unoconv-0.6-8.el7 (AXSA:2020-729:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-729:01 advisory. unoconv: mishandling of pathname leads to SSRF and local file inclusion CVE-2019-17400 The unoconv package before 0.9 mishandles untrusted pathnames, leading ...

EUVD-2019-0151

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-17400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. CVE-2019-17400 Note that Nessus relies on the presence ...

RHSA-2020:3944 Red Hat Security Advisory: unoconv security update

Bulletin has no description...

Oracle Linux 7 : unoconv (ELSA-2020-3944)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-3944 advisory. 0.6-8 - Resolves: rhbz1803831 CVE-2019-17400 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

SUSE CVE-2019-17400

The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion...

NewStart CGSL CORE 5.05 / MAIN 5.05 : unoconv Vulnerability (NS-SA-2021-0170)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has unoconv packages installed that are affected by a vulnerability: - The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. CVE-2019-17400 Note that Nessus has not tested for...

NewStart CGSL CORE 5.04 / MAIN 5.04 : unoconv Vulnerability (NS-SA-2021-0043)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unoconv packages installed that are affected by a vulnerability: - The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. CVE-2019-17400 Note that Nessus has not tested for...

Scientific Linux Security Update : unoconv on SL7.x (noarch) (20201001)

Security Fixes : - unoconv: mishandling of pathname leads to SSRF and local file inclusion CVE-2019-17400 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid141680; scriptversion"1.3";...

unoconv security update

CentOS Errata and Security Advisory CESA-2020:3944 An update for unoconv is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : unoconv (RHSA-2020:3944)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:3944 advisory. - The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. CVE-2019-17400 Note that Nessus has not tested for th...

unoconv security update

0.6-8 - Resolves: rhbz1803831 CVE-2019-17400...

RHEL 7 : unoconv (RHSA-2020:3944)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:3944 advisory. Universal Office Converter unoconv is a command line tool to convert any document format that LibreOffice can import to any document format that...

unoconv: mishandling of pathname leads to SSRF and local file inclusion

The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion...

Server-Side Request Forgery in unoconv

The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion...

GHSA-27P5-7CW6-M45H Server-Side Request Forgery in unoconv

The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion...

CVE-2019-17400

The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion...

Server-Side Request Forgery (SSRF)

unoconv is vulnerable to server-side request forgery SSRF. The vulnerability exists because it does not validate the user supplied input pathnames, allowing a remote attacker to have full or partial control of the request to be executed in the context of the server process worker...

unoconv package code issue vulnerability

The unoconv package is a software package for document format conversion. A code issue vulnerability vulnerability exists in versions of the unoconv package prior to 0.9, which stems from unoconv failing to properly handle untrustworthy pathnames, no details of the vulnerability are provided at...