Updated svgsalamander packages fix security vulnerability
Publication date: 12 May 2019Modification date: 12 May 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-5617
Description
A vulnerability was found in the svgsalamander library. If the library is being used in a web application for processing user supplied SVG files then the app is vulnerable to SSRF (CVE-2017-5617).
References
SRPMS
6/core
- svgsalamander-1.1.2-1.mga6