{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2013-1665","title":"Title"},{"category":"description","text":"The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2013-1665","url":"https://www.suse.com/security/cve/CVE-2013-1665"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 802278 for CVE-2013-1665","url":"https://bugzilla.suse.com/802278"},{"category":"external","summary":"SUSE Bug 803351 for CVE-2013-1665","url":"https://bugzilla.suse.com/803351"},{"category":"external","summary":"SUSE Bug 804708 for CVE-2013-1665","url":"https://bugzilla.suse.com/804708"},{"category":"external","summary":"SUSE Bug 807175 for CVE-2013-1665","url":"https://bugzilla.suse.com/807175"},{"category":"external","summary":"Advisory link for SUSE-SU-2013:1062-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2013-June/000493.html"}],"title":"SUSE CVE CVE-2013-1665","tracking":{"current_release_date":"2023-12-08T04:58:02Z","generator":{"date":"2023-02-15T05:40:35Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2013-1665","initial_release_date":"2023-02-15T05:40:35Z","revision_history":[{"date":"2023-02-15T05:40:35Z","number":"2","summary":"Current version"},{"date":"2023-12-08T04:58:02Z","number":"3","summary":"Current version"}],"status":"interim","version":"3"}}}