CVE-2013-1665

NONECVSS 0.0

0.0

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.

🔗 References (22)

cve@mitrehttp://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
cve@mitrehttp://bugs.python.org/issue17239
cve@mitrehttp://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
cve@mitrehttp://rhn.redhat.com/errata/RHSA-2013-0657.html
cve@mitrehttp://rhn.redhat.com/errata/RHSA-2013-0658.html
cve@mitrehttp://rhn.redhat.com/errata/RHSA-2013-0670.html
cve@mitrehttp://ubuntu.com/usn/usn-1757-1
cve@mitrehttp://www.debian.org/security/2013/dsa-2634
cve@mitrehttp://www.openwall.com/lists/oss-security/2013/02/19/2
cve@mitrehttp://www.openwall.com/lists/oss-security/2013/02/19/4
cve@mitrehttps://bugs.launchpad.net/keystone/+bug/1100279
af854a3a-2127-422b-91ae-364da2661108http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html
af854a3a-2127-422b-91ae-364da2661108http://bugs.python.org/issue17239
af854a3a-2127-422b-91ae-364da2661108http://lists.openstack.org/pipermail/openstack-announce/2013-February/000078.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0657.html

Is Your Infrastructure Affected by CVE-2013-1665?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-1665

📅 Published

🔄 Last Modified

🔗 References (22)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-1665?