Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 29/07/2021 Updated: 05/08/2021

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The package glances prior to 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
glances project glances

The package glances before 321 is vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks ...

CWE-611 https://github.com/nicolargo/glances/commit/85d5a6b4af31fcf785d5a61086cbbd166b40b07a https://github.com/nicolargo/glances/issues/1025 https://snyk.io/vuln/SNYK-PYTHON-GLANCES-1311807 https://github.com/nicolargo/glances/commit/9d6051be4a42f692392049fdbfc85d5dfa458b32 https://github.com/nicolargo/glances/commit/4b87e979afdc06d98ed1b48da31e69eaa3a9fb94 https://nvd.nist.gov https://security.archlinux.org/CVE-2021-23418

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-23418

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect