CVE-2017-1000497

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1970%

EPSS Percentile10.74th

Published2018年1月3日

Last Modified2024年11月21日

Vulnerability Description

Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution

Affected Platforms (CPE)

📦

Pepperminty Wiki Project

Pepperminty Wiki

= 0.15

References & Advisories

🔗 https://github.com/sbrl/Pepperminty-Wiki/issues/152

関連する脆弱性情報

CVE-2017-278810.0

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet ...

CVE-2017-522610.0

When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioc...

CVE-2017-278510.0

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially cra...

CVE-2017-772210.0

In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with ...