Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-23418 - log back

CVE-2021-23418 edited at 30 Jul 2021 09:09:36

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Xml external entity injection

Description

+	The package glances before 3.2.1 is vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks.

References

+	https://snyk.io/vuln/SNYK-PYTHON-GLANCES-1311807
+	https://github.com/nicolargo/glances/issues/1025
+	https://github.com/nicolargo/glances/commit/9d6051be4a42f692392049fdbfc85d5dfa458b32

Notes

CVE-2021-23418 created at 30 Jul 2021 09:06:03