Back to bug 1379556
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Doran Moppert | 2016-09-27 06:53:41 UTC | Blocks | 1377998 | |
| Doran Moppert | 2016-09-27 06:54:02 UTC | Depends On | 1379557 | |
| Doran Moppert | 2016-09-27 06:54:11 UTC | Depends On | 1379558 | |
| Doran Moppert | 2016-10-05 01:08:32 UTC | Fixed In Version | perl-Image-Info 1.38_50 | |
| Salvatore Bonaccorso | 2016-11-02 05:42:15 UTC | CC | carnil | |
| Doran Moppert | 2016-11-04 07:23:06 UTC | Alias | CVE-2016-9181 | |
| Doran Moppert | 2016-11-04 07:40:11 UTC | Summary | perl-Image-Info: XXE in SVG files | CVE-2016-9181 perl-Image-Info: XXE in SVG files |
| Doran Moppert | 2016-11-17 01:26:08 UTC | Priority | medium | low |
| Fixed In Version | perl-Image-Info 1.38_50 | perl-Image-Info 1.39 | ||
| Whiteboard | impact=moderate,public=20160927,reported=20160927,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:N/A:P,cvss3=7.1/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L,cwe=CWE-611,rhel-7/perl-Image-Info=affected,rhel-6/perl-Image-Info=affected,epel-5/perl-Image-Info=affected,fedora-all/perl-Image-Info=affected | impact=low,public=20160927,reported=20160927,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:N/A:P,cvss3=7.1/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L,cwe=CWE-611,rhel-7/perl-Image-Info=wontfix,rhel-6/perl-Image-Info=wontfix,epel-5/perl-Image-Info=affected,fedora-all/perl-Image-Info=affected | ||
| Severity | medium | low | ||
| Doran Moppert | 2016-11-17 02:45:25 UTC | Doc Text | A vulnerability was found in perl-ImageInfo. When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure. | |
| Doran Moppert | 2016-11-17 02:46:52 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2016-11-16 21:46:52 UTC | |||
| Norman Sardella | 2017-01-25 14:29:57 UTC | CC | sardella | |
| Product Security DevOps Team | 2019-09-29 13:57:05 UTC | Whiteboard | impact=low,public=20160927,reported=20160927,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:N/A:P,cvss3=7.1/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L,cwe=CWE-611,rhel-7/perl-Image-Info=wontfix,rhel-6/perl-Image-Info=wontfix,epel-5/perl-Image-Info=affected,fedora-all/perl-Image-Info=affected |
Back to bug 1379556