The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-04-03T00:00:00

Updated: 2024-08-06T15:13:31.595Z

Reserved: 2013-02-13T00:00:00

Link: CVE-2013-1665

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-04-03T00:55:02.207

Modified: 2024-11-21T01:50:06.530

Link: CVE-2013-1665

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-02-19T00:00:00Z

Links: CVE-2013-1665 - Bugzilla