| Revision Date: | 2022-06-30 | Version: | 1 |
| Title: | CVE-2017-5992 |
| Description: |
Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2017-5992
Mitre CVE-2017-5992
SUSE CVE-2017-5992
openSUSE-SU-2018:0108-1
openSUSE-SU-2018:0522-1
|
| Platform(s): | openSUSE Leap 42.2
openSUSE Leap 42.3
openSUSE Tumbleweed
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 42.2 is installed AND Package Information
python-openpyxl-2.2.2-4.5.1 is installed
AND python-openpyxl is signed with openSUSE key
|
| Definition Synopsis |
| openSUSE Leap 42.3 is installed
AND Package Information
python-openpyxl-2.2.2-7 is installed
AND python-openpyxl is signed with openSUSE key
OR
python3-openpyxl-2.2.4-7.3 is installed
AND python3-openpyxl is signed with openSUSE key
|
| Definition Synopsis |
| openSUSE Tumbleweed is installed
AND Package Information
python36-openpyxl-3.0.7-1.2 is installed
OR python38-openpyxl-3.0.7-1.2 is installed
OR python39-openpyxl-3.0.7-1.2 is installed
|