rpm package

opensuse/jgraphx&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/jgraphx&distro=openSUSE%20Tumbleweed

Vulnerabilities (1)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2017-18197		—		< 3.9.2-1.9	3.9.2-1.9	Feb 24, 2018	In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView.

CVE-2017-18197Feb 24, 2018
affected < 3.9.2-1.9fixed 3.9.2-1.9
In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView.