VDB
GCVE-110-MAGEIA-2020-233
GCVE-110-MAGEIA-2020-233
Advisory Published
Updated log4net packages fix security vulnerability
This patch fixes a security vulnerabiliy reported by Karthik
Balasundaram. The security vulnerability was found in the way
how log4net parses xml configuration files where it allowed to
process XML External Entity Processing. An attacker could use
this as an attack vector if he could modify the XML configuration file.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | log4net | 0 (affected), 2.0.8-2.1.mga7 (unaffected), 0 (affected), 2.0.8-2.1.mga7 (unaffected) | — |
| Mageia | python-scipy | 0 (affected), 1.2.2-1.mga7 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,685 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.