Upstream information

CVE-2021-23418 at MITRE

Description

The package glances before 3.2.1 are vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having low severity.

SUSE Bugzilla entry: 1188925 [NEW]

No SUSE Security Announcements cross referenced.