CVE-2021-23418 - log back

CVE-2021-23418 edited at 30 Jul 2021 09:09:36
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Xml external entity injection
Description
+ The package glances before 3.2.1 is vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks.
References
+ https://snyk.io/vuln/SNYK-PYTHON-GLANCES-1311807
+ https://github.com/nicolargo/glances/issues/1025
+ https://github.com/nicolargo/glances/commit/9d6051be4a42f692392049fdbfc85d5dfa458b32
Notes
CVE-2021-23418 created at 30 Jul 2021 09:06:03