EclecticIQ OpenTAXII(OpenTAXII)是美国EclecticIQ的 EclecticIQ 威胁情报平台的Python实现。 TAXII libtaxii 1.1.117版本存在安全漏洞,该漏洞源于允许通过解析方法的初始http://子字符串进行SSRF,即使XML解析器使用了no_network设置。

来源:MISC 链接:https://github.com/eclecticiq/OpenTAXII/issues/176 来源:MISC 链接:https://github.com/TAXIIProject/libtaxii/issues/246 来源:nvd.nist.



Source link

Is your business effected by Cyber Crime?

If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

Digitpol is available 24/7. https://digitpol.com/cybercrime-investigation/

Email: info@digitpol.com
Europe +31558448040
UK +44 20 8089 9944
ASIA +85239733884