Oval Definition:oval:org.opensuse.security:def:20175992
Revision Date:2022-06-30Version:1
Title:CVE-2017-5992
Description:

Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-5992
Mitre CVE-2017-5992
SUSE CVE-2017-5992
openSUSE-SU-2018:0108-1
openSUSE-SU-2018:0522-1
Platform(s):openSUSE Leap 42.2
openSUSE Leap 42.3
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • python-openpyxl-2.2.2-4.5.1 is installed
  • AND python-openpyxl is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • python-openpyxl-2.2.2-7 is installed
  • AND python-openpyxl is signed with openSUSE key
  • OR
  • python3-openpyxl-2.2.4-7.3 is installed
  • AND python3-openpyxl is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • python36-openpyxl-3.0.7-1.2 is installed
  • OR python38-openpyxl-3.0.7-1.2 is installed
  • OR python39-openpyxl-3.0.7-1.2 is installed
    • BACK