Lucene search
Veracode Vulnerability DatabaseVERACODE:10998HistoryJan 15, 2019 - 8:55 a.m.
Arbitrary XML Injection
2019-01-1508:55:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
EPSS
0.004
Percentile
73.1%
swift is vulnerable to arbitrary XML injection attacks. The vulnerability exists due to the lack of user input sanitization of the account variable which is directly used in forming a XML to be parsed, allowing arbitrary XML injection attacks.
References
lists.opensuse.org/opensuse-updates/2013-07/msg00021.html
rhn.redhat.com/errata/RHSA-2013-0993.html
www.debian.org/security/2012/dsa-2737
www.openwall.com/lists/oss-security/2013/06/13/4
access.redhat.com/security/updates/classification/#moderate
bugs.launchpad.net/swift/+bug/1183884
bugzilla.redhat.com/show_bug.cgi?id=967631
rhn.redhat.com/errata/RHSA-2013-0993.html
Related
redhat
redhat
(RHSA-2013:0993) Moderate: openstack-swift security and bug fix update
2013-06-27 00:00:00
nessus
nessus
openSUSE Security Update : openstack-swift (openSUSE-SU-2013:1146-1)
2014-06-13 00:00:00
Debian DSA-2737-1 : swift - several vulnerabilities
2013-08-15 00:00:00
Ubuntu 12.04 LTS / 12.10 / 13.04 : swift vulnerabilities (USN-1887-1)
2013-06-21 00:00:00
github
github
OpenStack Swift Unchecked user input in XML responses
2022-05-14 02:10:10
nvd
nvd
CVE-2013-2161
2013-08-20 22:55:04
ubuntucve
ubuntucve
CVE-2013-2161
2013-06-13 00:00:00
debiancve
debiancve
CVE-2013-2161
2013-08-20 22:55:04
cvelist
cvelist
CVE-2013-2161
2013-08-20 22:00:00
prion
prion
Design/Logic Flaw
2013-08-20 22:55:00
cve
cve
CVE-2013-2161
2013-08-20 22:55:04
veracode
veracode
Arbitrary XML Injection
2018-07-16 05:54:15
ubuntu
ubuntu
OpenStack Swift vulnerabilities
2013-06-20 00:00:00
securityvulns
securityvulns
[USN-1887-1] OpenStack Swift vulnerabilities
2013-07-01 00:00:00
OpenStack multiple security vulnerabilities
2013-07-01 00:00:00
openvas
openvas
Ubuntu Update for swift USN-1887-1
2013-06-24 00:00:00
Debian: Security Advisory (DSA-2737-1)
2013-08-11 00:00:00
Ubuntu: Security Advisory (USN-1887-1)
2013-06-24 00:00:00
osv
osv
swift - several
2013-08-12 00:00:00
debian
debian
[SECURITY] [DSA 2737-1] swift security update
2013-08-12 18:39:56