Lucene search
K

54 matches found

OSV
OSV
added 2025/12/03 7:15 p.m.6 views

AZL-71441 CVE-2025-12084 affecting package python3 for versions less than 3.9.19-19

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

6.3CVSS7.3AI score0.00708EPSS
Exploits0References1
OSV
OSV
added 2025/12/03 7:15 p.m.2 views

DEBIAN-CVE-2025-12084

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

5.3CVSS7.3AI score0.00708EPSS
Exploits0References1
OSV
OSV
added 2025/12/03 7:15 p.m.7 views

AZL-71450 CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

6.3CVSS7.3AI score0.00708EPSS
Exploits0References1
OSV
OSV
added 2025/12/03 6:55 p.m.6 views

PSF-2025-16

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

6.3CVSS6.9AI score0.00708EPSS
Exploits0References14
Snyk
Snyk
added 2025/12/03 6:55 p.m.8 views

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the xml.dom.minidom methods like appendChild due to the dependancy on the clearidcache algorithm when processing excessively nested XML documents. An attacker can exhaust system resources and impact...

7.5CVSS6.4AI score0.00708EPSS
Exploits0References2
CVE
CVE
added 2025/12/03 6:55 p.m.120 views

CVE-2025-12084

CVE-2025-12084 affects Python’s xml.dom.minidom when building nested elements via methods like appendChild() that rely on _clear_id_cache(); the algorithm becomes quadratic, potentially impacting availability under heavily nested documents. Connected advisories confirm a patch exists across multi...

6.3CVSS6.6AI score0.00708EPSS
Exploits0References14Affected Software1
Debian CVE
Debian CVE
added 2025/12/03 6:55 p.m.7 views

CVE-2025-12084

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

6.3CVSS7.3AI score0.00708EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.7 views

PT-2025-48982

Name of the Vulnerable Software and Affected Versions xml.dom.minidom affected versions not specified Description The software experiences a performance issue when constructing deeply nested XML documents using methods like appendChild. This is due to a quadratic algorithm within the clear id cac...

6.3CVSS6.5AI score0.00708EPSS
Exploits0References210
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-2367

Malware in sbrugna...

10CVSS8.5AI score0.05556EPSS
Exploits0References19
CISA KEV Catalog
CISA KEV Catalog
added 2025/10/06 12:0 a.m.8 views

Mozilla Multiple Products Remote Code Execution Vulnerability

Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of...

9.8CVSS8AI score0.83279EPSS
In wildExploits14
SUSE CVE
SUSE CVE
added 2023/02/15 5:52 a.m.2 views

SUSE CVE-2011-2378

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...

10CVSS7.8AI score0.05556EPSS
Exploits0References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Mozilla Firefox Interleaving document.write and appendChild Exploit

No description provided by source. $Id: mozillainterleavedwrite.rb 11796 2011-02-22 20:49:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)

No description provided by source. !-- WARNING! This is exploit code from the wild. The original first 2 unicode chars at 'id=sun8' were ub8acu1029. Use, as always, at your own risk. body div style=visibility:hidden;width:0px;height:0px div...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/09/09 12:0 a.m.21 views

Mozilla Products Multiple Vulnerabilities - Windows

Mozilla Firefox/Seamonkey/Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.7AI score0.05556EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2011/08/26 12:0 a.m.32 views

Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1185-1)

Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2982 It was discovered that a vulnerability in event...

10CVSS8.7AI score0.05556EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2011/08/24 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-1184-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.8AI score0.05556EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/08/19 12:0 a.m.44 views

Mandriva Update for mozilla MDVSA-2011:127 (mozilla)

Check for the Version of mozilla OpenVAS Vulnerability Test Mandriva Update for mozilla MDVSA-2011:127 mozilla Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

10CVSS1.1AI score0.05556EPSS
Exploits5References2
Zero Day Initiative
Zero Day Initiative
added 2011/08/17 12:0 a.m.39 views

Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw results when .setUserData...

7.5CVSS4.7AI score0.05556EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/08/16 6:38 p.m.5 views

Mozilla: Dangling pointer vulnerability in appendChild

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...

10CVSS6.2AI score0.05556EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/08/16 6:31 p.m.5 views

Mozilla: Dangling pointer vulnerability in appendChild

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...

10CVSS6.2AI score0.05556EPSS
Exploits0References4
Rows per page
Query Builder