Vulnerabilities > CVE-2017-1000498 - XXE vulnerability in Androidsvg Project Androidsvg 1.2.2

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
androidsvg-project
CWE-611
NVD
Published: 2018-01-03
Updated: 2024-11-21

Summary

AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution

Vulnerable Configurations

Part Description Count
Application
Androidsvg_Project
1

Common Weakness Enumeration (CWE)

References