Risk Scores
CVSS v2.0
5
EPSS Score
3.00%
86.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | Django | 1.3.0, 1.4.0 |
| openstack | folsom | |
| openstack | keystone_essex | |
| n/a | n/a | n/a |
Timeline
- CVE Published
- Feb 4, 2022 EPSS Score
- Mar 28, 2022 EPSS Score
- Jul 10, 2022 EPSS Score
- Sep 1, 2022 EPSS Score
- Dec 14, 2022 EPSS Score
- Feb 4, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 19, 2023 EPSS Score
- Jul 10, 2023 EPSS Score
- Aug 31, 2023 EPSS Score
- Dec 13, 2023 EPSS Score
References
- [oss-security] 20130219 REJECT CVE-2013-0278, CVE-2013-0279 and CVE-2013-0280 mailing-list
- [openstack-announce] 20130219 [OSSA 2013-004] Information leak and Denial of Service using XML entities (CVE-2013-1664, CVE-2013-1665) mailing-list
- RHSA-2013:0658 vendor-advisory
- [oss-security] 20130219 [OSSA 2013-004] Information leak and Denial of Service using XML entities (CVE-2013-1664, CVE-2013-1665) mailing-list
- USN-1757-1 vendor-advisory
- RHSA-2013:0657 vendor-advisory
- DSA-2634 vendor-advisory
- http://blog.python.org/2013/02/announcing-defusedxml-fixes-for-xml.html url
- RHSA-2013:0670 vendor-advisory
- http://bugs.python.org/issue17239 url
- https://bugs.launchpad.net/keystone/+bug/1100279 url
- https://nvd.nist.gov/vuln/detail/CVE-2013-1665 advisory
- https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40 url
- https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112 url