Lucene search
F5F5:K08383757HistoryFeb 10, 2017 - 12:00 a.m.
K08383757 : perl-XML-Twig vulnerability CVE-2016-9180
2017-02-1000:00:00
my.f5.com
15
Security Advisory Description
perl-XML-Twig: The option to expand_external_ents, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless of the option’s setting. (CVE-2016-9180)
Impact
An authenticated user with a BIG-IP ASM administrative role, such as Policy Editor, may be able to craft an XML message which, when processed by the ASMConfig process usingperl-XML-Twig, may cause a denial of service (DoS) or potentially an information disclosure.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.5.5 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 |
Related
cve
cve
CVE-2016-9180
2016-12-22 21:59:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:2172-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for perl-XML-Twig (EulerOS-SA-2021-1344)
2021-02-22 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:2173-1)
2021-04-19 00:00:00
nessus
nessus
EulerOS 2.0 SP2 : perl-XML-Twig (EulerOS-SA-2021-1344)
2021-02-22 00:00:00
openSUSE Security Update : perl-XML-Twig (openSUSE-2020-1177)
2020-08-11 00:00:00
RHEL 7 : perl-xml-twig (Unpatched Vulnerability)
2024-06-03 00:00:00
debiancve
debiancve
CVE-2016-9180
2016-12-22 21:59:00
prion
prion
Xxe
2016-12-22 21:59:00
suse
suse
Security update for perl-XML-Twig (moderate)
2020-08-11 00:00:00
Security update for perl-XML-Twig (moderate)
2020-08-14 00:00:00
ubuntucve
ubuntucve
CVE-2016-9180
2016-12-22 00:00:00
redhatcve
redhatcve
CVE-2016-9180
2016-11-04 07:47:20
nvd
nvd
CVE-2016-9180
2016-12-22 21:59:00
cvelist
cvelist
CVE-2016-9180
2016-12-22 21:00:00