Lucene search
GoogleOSV:GHSA-5V43-55M5-QR8FHistoryMay 17, 2022 - 3:06 a.m.
getID3 is vulnerable to XML External Entity (XXE)
2022-05-1703:06:13
Google
osv.dev
9
getid3
vulnerability
xxe
attack
owncloud
server
denial of service
remote attackers
arbitrary files
getID3() before 1.9.9, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
References
getid3.sourceforge.net/source/changelog.txt
owncloud.org/about/security/advisories/oC-SA-2014-006
secunia.com/advisories/58002
www.debian.org/security/2014/dsa-3001
github.com/FriendsOfPHP/security-advisories/blob/master/james-heinrich/getid3/CVE-2014-2053.yaml
github.com/JamesHeinrich/getID3
github.com/JamesHeinrich/getID3/commit/afbdaa044a9a0a9dff2f800bd670e231b3ec99b2
nvd.nist.gov/vuln/detail/CVE-2014-2053
wordpress.org/news/2014/08/wordpress-3-9-2
Related
seebug
seebug
getID3() XMLĺ¤é¨ĺŽä˝ćźć´
2014-03-19 00:00:00
ubuntucve
ubuntucve
CVE-2014-2053
2014-06-04 00:00:00
github
github
getID3 is vulnerable to XML External Entity (XXE)
2022-05-17 03:06:13
friendsofphp
friendsofphp
Potential XXE security issue
2014-09-14 18:13:30
Potential XXE security issue
2014-09-14 18:13:30
cve
cve
CVE-2014-2053
2014-06-04 14:55:03
CVE-2014-9487
2017-10-17 14:29:00
debiancve
debiancve
CVE-2014-2053
2014-06-04 14:55:03
nvd
nvd
CVE-2014-2053
2014-06-04 14:55:03
CVE-2014-9487
2017-10-17 14:29:00
cvelist
cvelist
CVE-2014-2053
2014-06-04 14:00:00
CVE-2014-9487
2017-10-17 14:00:00
wpvulndb
wpvulndb
WordPress 3.6 - 3.9.1 XXE in GetID3 Library
2014-09-16 18:19:44
owncloud
owncloud
XXE in multiple third party components - ownCloud
2014-07-03 18:22:45
Server: XXE in multiple third party components
2014-07-03 02:00:00
openvas
openvas
ownCloud Multiple Vulnerabilities-02 (Jul 2014)
2014-07-03 00:00:00
Debian: Security Advisory (DLA-56-1)
2023-03-08 00:00:00
Debian Security Advisory DSA 3001-1 (wordpress - security update)
2014-08-09 00:00:00
osv
osv
wordpress - security update
2014-09-17 00:00:00
wordpress - security update
2014-08-09 00:00:00
debian
debian
[SECURITY] [DLA 56-1] wordpress security update
2014-09-17 12:05:09
nessus
nessus
Debian DLA-56-1 : wordpress security update
2015-03-26 00:00:00
Debian DSA-3001-1 : wordpress - security update
2014-08-10 00:00:00
WordPress < 3.7.4 / 3.8.4 / 3.9.2 Multiple Vulnerabilities
2014-08-12 00:00:00