Summary: | <dev-java/jackrabbit-webdav-2.10.1: XXE (XSS) vulnerability, may disclose local files (CVE-2015-1833) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1833 | ||
Whiteboard: | ~3 [noglsa/cve] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2015-07-02 19:12:46 UTC
I bumped jackrabbit-webdav a little while ago due to another CVE. Hence, we have the latest version available in Portage (2.10.1), which is, fortunately, not affected by this CVE. You can close this bug. |