Debian Pywps vulnerabilities

1 known vulnerability affecting debian/pywps.

Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1

Vulnerabilities

Page 1 of 1
CVE-2021-39371HIGHCVSS 7.5fixed in pywps 4.5.0-1 (bookworm)2021
CVE-2021-39371 [HIGH] CVE-2021-39371: pywps - An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker ... An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected. Scope: local bookworm: resolved (fixed in 4.5.0-1) bullseye: open forky: resolved (fixed in 4.5.0-1) sid: resolved (fixed in 4.5.0-1) trixie: resolved (fixed in 4.5.0-1
debian