perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure.
CPE | Name | Operator | Version |
---|---|---|---|
image-info_for_perl | eq | 1.30 | |
image-info_for_perl | eq | 1.16 |