Lucene search

K

MitreCVELIST:CVE-2015-2942

HistoryApr 13, 2015 - 2:00 p.m.

CVE-2015-2942

2015-04-1314:00:00

mitre

www.cve.org

4

AI Score

6.3

Confidence

Low

EPSS

0.036

Percentile

91.7%

MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an (1) SVG file or (2) XMP metadata in a PDF file, aka a “billion laughs attack,” a different vulnerability than CVE-2015-2937.

References

www.openwall.com/lists/oss-security/2015/04/01/1

www.openwall.com/lists/oss-security/2015/04/07/3

www.securityfocus.com/bid/73477

lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html

phabricator.wikimedia.org/T85848

security.gentoo.org/glsa/201510-05

AI Score

6.3

Confidence

Low

EPSS

0.036

Percentile

91.7%

Related for CVELIST:CVE-2015-2942

ubuntucve2 debiancve2 nvd2 prion2 cve2 cvelist1 openvas4 kaspersky1 archlinux1 nessus3 gentoo1 mageia1 securityvulns2