VDB

GCVE-110-MAGEIA-2020-233

GCVE-110-MAGEIA-2020-233
Advisory Published
Vulnetix · Advisory published May 27, 2020
Updated log4net packages fix security vulnerability This patch fixes a security vulnerabiliy reported by Karthik Balasundaram. The security vulnerability was found in the way how log4net parses xml configuration files where it allowed to process XML External Entity Processing. An attacker could use this as an attack vector if he could modify the XML configuration file.

Affected Products

VendorProductVersionsPlatforms
Mageialog4net0 (affected), 2.0.8-2.1.mga7 (unaffected), 0 (affected), 2.0.8-2.1.mga7 (unaffected)
Mageiapython-scipy0 (affected), 1.2.2-1.mga7 (unaffected)

Browse GCVE Records

73,685 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›