Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.854144
Category:SuSE Local Security Checks
Title:openSUSE: Security Advisory for xerces-c (openSUSE-SU-2021:2958-1)
Summary:The remote host is missing an update for the 'xerces-c'; package(s) announced via the openSUSE-SU-2021:2958-1 advisory.
Description:Summary:
The remote host is missing an update for the 'xerces-c'
package(s) announced via the openSUSE-SU-2021:2958-1 advisory.

Vulnerability Insight:
This update for xerces-c fixes the following issues:

- CVE-2018-1311: Fixed use-after-free inside XML parser during the
scanning of external DTDs (bsc#1159552).

Affected Software/OS:
'xerces-c' package(s) on openSUSE Leap 15.3.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-1311
Debian Security Information: DSA-4814 (Google Search)
https://www.debian.org/security/2020/dsa-4814
https://lists.debian.org/debian-lts-announce/2020/12/msg00025.html
https://lists.apache.org/thread.html/r48ea463fde218b1e4cc1a1d05770a0cea34de0600b4355315a49226b@%3Cc-dev.xerces.apache.org%3E
https://lists.apache.org/thread.html/rfeb8abe36bcca91eb603deef49fbbe46870918830a66328a780b8625@%3Cc-users.xerces.apache.org%3E
https://lists.apache.org/thread.html/r90ec105571622a7dc3a43b846c12732d2e563561dfb2f72941625f35@%3Cc-users.xerces.apache.org%3E
https://lists.apache.org/thread.html/rabbcc0249de1dda70cda96fd9bcff78217be7a57d96e7dcc8cd96646@%3Cc-users.xerces.apache.org%3E
RedHat Security Advisories: RHSA-2020:0702
https://access.redhat.com/errata/RHSA-2020:0702
RedHat Security Advisories: RHSA-2020:0704
https://access.redhat.com/errata/RHSA-2020:0704
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.