Lucene search
Veracode Vulnerability DatabaseVERACODE:31792HistoryAug 24, 2021 - 3:36 a.m.
XML External Entity (XXE) Injection
2021-08-2403:36:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
pywps
xxe injection
lxml parser
server filesystem
EPSS
0.005
Percentile
76.4%
pywps is vulnerable to XML External Entity (XXE) Injection. An attacker is able to view files on the application server filesystem as the lxml default parser allows assigning a path to the entity.
Related
ubuntucve
ubuntucve
CVE-2021-39371
2021-08-23 00:00:00
prion
prion
Xxe
2021-08-23 01:15:00
cvelist
cvelist
CVE-2021-39371
2021-08-23 00:03:20
osv
osv
PYSEC-2021-121
2021-08-23 01:15:00
pywps - security update
2021-09-04 00:00:00
XML External Entity Injection in PyWPS
2021-09-02 17:11:13
cve
cve
CVE-2021-39371
2021-08-23 01:15:06
nvd
nvd
CVE-2021-39371
2021-08-23 01:15:06
openvas
openvas
Debian: Security Advisory (DLA-2754-1)
2021-09-05 00:00:00
debiancve
debiancve
CVE-2021-39371
2021-08-23 01:15:06
debian
debian
[SECURITY] [DLA 2754-1] pywps security update
2021-09-04 11:15:46
nessus
nessus
Debian DLA-2754-1 : pywps - LTS security update
2021-09-12 00:00:00
github
github
XML External Entity Injection in PyWPS
2021-09-02 17:11:13