rpm package
opensuse/tuxguitar&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/tuxguitar&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-13940 | — | < 1.6.0-2.1 | 1.6.0-2.1 | Oct 1, 2020 | In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to servic | ||
| CVE-2020-14940 | — | < 1.6.0-2.1 | 1.6.0-2.1 | Jun 23, 2020 | An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files. |
- CVE-2020-13940Oct 1, 2020affected < 1.6.0-2.1fixed 1.6.0-2.1
In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to servic
- CVE-2020-14940Jun 23, 2020affected < 1.6.0-2.1fixed 1.6.0-2.1
An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files.