54 matches found
AZL-71441 CVE-2025-12084 affecting package python3 for versions less than 3.9.19-19
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
DEBIAN-CVE-2025-12084
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
AZL-71450 CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
PSF-2025-16
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
Inefficient Algorithmic Complexity
Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the xml.dom.minidom methods like appendChild due to the dependancy on the clearidcache algorithm when processing excessively nested XML documents. An attacker can exhaust system resources and impact...
CVE-2025-12084
CVE-2025-12084 affects Python’s xml.dom.minidom when building nested elements via methods like appendChild() that rely on _clear_id_cache(); the algorithm becomes quadratic, potentially impacting availability under heavily nested documents. Connected advisories confirm a patch exists across multi...
CVE-2025-12084
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...
PT-2025-48982
Name of the Vulnerable Software and Affected Versions xml.dom.minidom affected versions not specified Description The software experiences a performance issue when constructing deeply nested XML documents using methods like appendChild. This is due to a quadratic algorithm within the clear id cac...
EUVD-2011-2367
Malware in sbrugna...
Mozilla Multiple Products Remote Code Execution Vulnerability
Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of...
SUSE CVE-2011-2378
The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...
Mozilla Firefox Interleaving document.write and appendChild Exploit
No description provided by source. $Id: mozillainterleavedwrite.rb 11796 2011-02-22 20:49:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)
No description provided by source. !-- WARNING! This is exploit code from the wild. The original first 2 unicode chars at 'id=sun8' were ub8acu1029. Use, as always, at your own risk. body div style=visibility:hidden;width:0px;height:0px div...
Mozilla Products Multiple Vulnerabilities - Windows
Mozilla Firefox/Seamonkey/Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1185-1)
Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2982 It was discovered that a vulnerability in event...
Ubuntu: Security Advisory (USN-1184-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Update for mozilla MDVSA-2011:127 (mozilla)
Check for the Version of mozilla OpenVAS Vulnerability Test Mandriva Update for mozilla MDVSA-2011:127 mozilla Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw results when .setUserData...
Mozilla: Dangling pointer vulnerability in appendChild
The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...
Mozilla: Dangling pointer vulnerability in appendChild
The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...