UBUNTU-CVE-2017-8315

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2017-8315

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-8315.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2017-8315

Related

CVE-2017-8315

Published

2018-04-20T19:29:00Z

Modified

2024-10-15T14:06:19Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml.

References

Affected packages

Ubuntu:Pro:16.04:LTS / apktool

Package

Name: apktool
Purl: pkg:deb/ubuntu/apktool?arch=src?distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.0.2+dfsg-1

2.0.2+dfsg-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:18.04:LTS / apktool

Package

Name: apktool
Purl: pkg:deb/ubuntu/apktool?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.4-1~18.04

Affected versions

2.*

2.2.4+dfsg-1

2.3.0+dfsg-1

2.3.1+dfsg-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.3.4-1~18.04",
            "binary_name": "apktool"
        }
    ]
}