Lucene search
GoogleOSV:GHSA-QPMC-WPRV-X746HistoryApr 12, 2022 - 9:31 p.m.
Inline DTD allows XML bomb attack
2022-04-1221:31:26
Google
osv.dev
10
0.001 Low
EPSS
Percentile
45.7%
The SweetXml (aka sweet_xml) package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD.
Related
cve
cve
CVE-2019-15160
2019-08-19 06:15:10
osv
osv
CVE-2019-15160
2019-08-19 06:15:10
nvd
nvd
CVE-2019-15160
2019-08-19 06:15:10
prion
prion
Code injection
2019-08-19 06:15:00
cvelist
cvelist
CVE-2019-15160
2019-08-19 05:40:00
github
github
Inline DTD allows XML bomb attack
2022-04-12 21:31:26