52 matches found
Tiny Technologies TinyMCE 跨站脚本漏洞
TinyMCE is a rich text editor developed by Tiny Technologies in the United States. Versions of TinyMCE from 6.8.0 to 7.1.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of SVG namespace scopes by the cleaner tool; it could allow custom payloads...
BIT-LIBPYTHON-2025-12084 Quadratic complexity in node ID cache clearing
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
BIT-PYTHON-2025-12084 Quadratic complexity in node ID cache clearing
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
BIT-PYTHON-MIN-2025-12084 Quadratic complexity in node ID cache clearing
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
CLSA-2026-1773479178 python: Fix of CVE-2025-12084
CVE-2025-12084: fix quadratic algorithm when building nested XML elements with appendChild...
Astra Linux – Vulnerability in Ruby 2.5
REXML is an XML toolkit for Ruby. The REXML gem before version 3.3.6 has a DoS vulnerability when it parses XMLs that contain many elements with the same local name attribute. If you need to parse untrusted XMLs using tree parser APIs like REXML::Document.new, you may be vulnerable to this...
Astra Linux – Vulnerabilities in Python 2.7, Python 3.11, Python 3.7
When constructing nested elements using XMLDom.minidom methods like appendChild, which rely on clearidcache, the algorithm has a quadratic complexity. This can affect the availability of documents when they are constructed with excessively nested structures...
Updated polkit-122 packages fix security vulnerability
Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write. CVE-2025-7519...
MGASA-2026-0100 Updated polkit-122 packages fix security vulnerability
Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write. CVE-2025-7519...
CLSA-2026-1772646053 python3: Fix of CVE-2025-12084
CVE-2025-12084: Prevent quadratic-time behavior when building excessively nested XML elements...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2026-1190)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : polkit (EulerOS-SA-2026-1139)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...
CLSA-2026-1769621572 python2: Fix of CVE-2025-12084
CVE-2025-12084: fix quadratic algorithm when building nested elements with xml.dom.minidom appendChild method...
CLSA-2026-1769510148 python3: Fix of CVE-2025-12084
CVE-2025-12084: prevent quadratic algorithm when building nested elements by optimizing clearidcache dependency...
Medium: python
Issue Overview: When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents. CVE-2025-12084 Affected Packages: python Note: This advisory ...
OESA-2026-1056 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
Medium: python3.12
Issue Overview: When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents. CVE-2025-12084 When reading an HTTP response from a server, i...
EulerOS Virtualization 2.13.1 : polkit (EulerOS-SA-2025-2558)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...
EUVD-2025-201088
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
CVE-2025-12084
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...