Lucene search

K
githubGitHub Advisory DatabaseGHSA-G43W-98WP-M694
HistoryMay 23, 2024 - 2:49 p.m.

SilverStripe framework XML Quadratic Blowup Attack

2024-05-2314:49:39
CWE-400
CWE-776
GitHub Advisory Database
github.com
3
silverstripe
quadratic blowup attack
vulnerability
xml
performance
exploit

7 High

AI Score

Confidence

Low

A low level vulnerability has been found in the SilverStripe framework, where the Quadratic Blowup Attack could potentially be exploited to affect the performance of a site.

See http://mashable.com/2014/08/06/wordpress-xml-blowup-dos/ for a writeup.

Affected configurations

Vulners
Node
silverstripeframeworkRange3.1.11
CPENameOperatorVersion
silverstripe/frameworkle3.1.11

7 High

AI Score

Confidence

Low