MidnightBSD

Advisories for image-info_project

CVE-2016-9181 MEDIUM

perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
image-info_project image-info_for_perl 1.16
image-info_project image-info_for_perl 1.30