Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 27 Jan 2017 10:51:09 +0300
From: Luc Lynx <>
Subject: SSRF issue in the svgsalamander library


There is a java library for processing svg files called svgSalamander:

It can also be found in maven:

If the library is used in a web application, SSRF isssue is possible. I
created a ticket on github:

The issue seems to be in all versions of the library.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ