CVE-2013-1664

NONECVSS 0.0

0.0

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack.

🔗 References (20)

cve@mitrehttp://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
cve@mitrehttp://bugs.python.org/issue17239
cve@mitrehttp://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
cve@mitrehttp://rhn.redhat.com/errata/RHSA-2013-0657.html
cve@mitrehttp://rhn.redhat.com/errata/RHSA-2013-0658.html
cve@mitrehttp://rhn.redhat.com/errata/RHSA-2013-0670.html
cve@mitrehttp://ubuntu.com/usn/usn-1757-1
cve@mitrehttp://www.openwall.com/lists/oss-security/2013/02/19/2
cve@mitrehttp://www.openwall.com/lists/oss-security/2013/02/19/4
cve@mitrehttps://bugs.launchpad.net/nova/+bug/1100282
af854a3a-2127-422b-91ae-364da2661108http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
af854a3a-2127-422b-91ae-364da2661108http://bugs.python.org/issue17239
af854a3a-2127-422b-91ae-364da2661108http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0657.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0658.html

Is Your Infrastructure Affected by CVE-2013-1664?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-1664

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-1664?