SilverStripe framework XML Quadratic Blowup Attack

2024-05-2314:49:39

Google

osv.dev

silverstripe

framework

vulnerability

quadratic blowup attack

performance

site

xml

7 High

AI Score

Confidence

Low

JSON

A low level vulnerability has been found in the SilverStripe framework, where the Quadratic Blowup Attack could potentially be exploited to affect the performance of a site.

See http://mashable.com/2014/08/06/wordpress-xml-blowup-dos/ for a writeup.

CPENameOperatorVersion
silverstripe/frameworkeq3.1.10-rc1
silverstripe/frameworkeq3.0.3-rc1
silverstripe/frameworkeq3.1.2-rc1
silverstripe/frameworkeq3.0.6-rc2
silverstripe/frameworkeq3.1.3
silverstripe/frameworkeq2.4.11
silverstripe/frameworkeq2.4.13
silverstripe/frameworkeq3.1.2
silverstripe/frameworkeq3.1.3-rc1
silverstripe/frameworkeq3.1.5

Name	Operator	Version
silverstripe/framework	eq	3.1.10-rc1
silverstripe/framework	eq	3.0.3-rc1
silverstripe/framework	eq	3.1.2-rc1
silverstripe/framework	eq	3.0.6-rc2
silverstripe/framework	eq	3.1.3
silverstripe/framework	eq	2.4.11
silverstripe/framework	eq	2.4.13
silverstripe/framework	eq	3.1.2
silverstripe/framework	eq	3.1.3-rc1
silverstripe/framework	eq	3.1.5

Rows per page:

1-10 of 581

References

github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2014-017-1.yaml

github.com/silverstripe/silverstripe-framework

github.com/silverstripe/silverstripe-framework/commit/7f983c2bae1dc78ca7217e9af364b2fb71dcefe8

www.silverstripe.org/software/download/security-releases/ss-2014-017-xml-quadratic-blowup-attack

7 High

AI Score

Confidence

Low

JSON