oss-sec mailing list archives
Re: SSRF issue in the svgsalamander library
From: <cve-assign () mitre org>
Date: Sun, 29 Jan 2017 07:08:58 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
https://github.com/blackears/svgSalamander/issues/11 <svg ... <image xlink:href="https://host-in-the-trusted-network.com/test.jpg"; ...
![https://host-in-the-trusted-network.com/test.jpg"](https://host-in-the-trusted-network.com/test.jpg"){kind=link}
Use CVE-2017-5617. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYjdlWAAoJEHb/MwWLVhi2lBAP/AmEC5U0G/8Cy1a6By1nTYMC wdzp7WTuV3rAoSoK7+xkaucNG8zw/clt35a4ngYhN8DQ4IzGRyg078c/UaLt8r/S flc5I7rR+x9Mdje2M6Z/G8mIh8vnyhFzIIA9s3QFjUu3x5jNSynnLoPfKg/AcJaX 7ZEdeG+30o/6qHQcbCLN/cA4UaShsxwcleuyfe6/O/aSOHPyvEf2arv+N5VmFKyZ V0MHek+5tqJN+U+mwIk7dj27Vn4kpa1874FwH41+pmE9cfM4oxnLngVlhNUgacgh oNJY6nGQwp4pudTUfu+i3xRBROYqqhGT6a+e/d/GeTUBqKn36WyFLIZQS4Sltsc0 85TeQgCd2MvkdMGbD7yXV1qu+KssLRBBRmyje3XboF492hzUlFkWy222ZFFKTyrH nF01Xr9PrzfZh9MYP0ajxJcvdUZq6YmVuso+Y4tiOvuqckJTBDbuMuvM6uW7yl6Q 5nP+ab8tq4EPGjWSy42apEz/h6aQLYXhKlCsdS20RIDbr8XOODPIfcqFC719aG3P +2TatG980NtI7zYngUYbMy1hNiC5uo9Qx4oRsS1Gp8Z8MxzAgqQsrjbG1vKRzYwn VtGZrQKV15TyeFPnZJFMQFYnJ1gOW2JjRbe3NXCxpAXYHJMNJvXOohG1onbsNo2C tmyxTVXIiWa3ptHBeaI6 =UYBx -----END PGP SIGNATURE-----
Current thread:
- SSRF issue in the svgsalamander library Luc Lynx (Jan 26)
- Re: SSRF issue in the svgsalamander library cve-assign (Jan 29)