208 matches found
Kubernetes API Server - YAML Parsing DoS (Billion Laughs)
The Kubernetes API server is vulnerable to a denial of service attack via YAML/JSON parsing. An attacker can send a specially crafted YAML/JSON payload that causes exponential memory consumption Billion Laughs attack, leading to API server crash. id: CVE-2019-11253 info: name: Kubernetes API Serv...
CVE-2026-45771
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH's bundled XML parser expands nested declarations without a depth or count boun...
CVE-2026-45771
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH's bundled XML parser expands nested declarations without a depth or count boun...
GHSA-4QPC-3HR4-R2P4 Symfony's YAML Parser Vulnerable to Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs")
Description Symfony\Component\Yaml\Parser resolves YAML aliases anchor during parsing. Aliases that reference collections arrays, stdClass, TaggedValue-wrapped collections can themselves point to other collections containing aliases, creating exponential expansion at resolution time. A small inpu...
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Overview Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs 'XML Entity Expansion' via Recursive Collection-Alias Expansion "Billion Laughs". Symfony\Component\Yaml\Parser resolves YAML aliases anchor during parsing. Aliases that...
Astra Linux - уязвимость в c3p0
C3P0 versions less than 0.9.5.4 may be exploited by a “billion laughs attack” when loading XML configuration, due to the lack of protections against recursive entity expansion during the loading of configuration files...
📄 CairoSVG Denial of Service
CairoSVG versions prior to 2.9.0 suffer from a recursive denial of service vulnerability. CVE-2026-31899: Exponential DoS via Recursive Element Amplification in CairoSVG Keywords: CVE-2026-31899, CairoSVG, exponential DoS, SVG bomb, recursive use element, denial of service, XML amplification,...
RHCOS 4 : OpenShift Container Platform 4.1.20 openshift (RHSA-2019:3132)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3132 advisory. - kubernetes: YAML parsing vulnerable to Billion Laughs attack, allowing for remote denial of service CVE-2019-11253 Note that Nessus has not...
RHCOS 3 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:3905)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3905 advisory. - kubernetes: kubectl cp allows for arbitrary file write via double symlinks CVE-2019-11251 - kubernetes: YAML parsing vulnerable to...
CLSA-2026-1776440644 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...
CLSA-2026-1776441769 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...
CLSA-2026-1776441540 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...
CVE-2026-29074 SVGO: DoS through entity expansion in DOCTYPE (Billion Laughs)
SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansi...
CVE-2026-29074 SVGO: DoS through entity expansion in DOCTYPE (Billion Laughs)
SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansi...
CVE-2026-27807 MarkUs: YAML alias (‘billion laughs’) DoS in config upload
MarkUs is a web application for the submission and grading of student assignments. Prior to version 2.9.4, MarkUs allows course instructors to upload YAML files to create/update various entities e.g., assignment settings. These YAML files are parsed with aliases enabled. This issue has been patch...
CVE-2026-27807
MarkUs (web app for assignment submission/grading) is affected by CVE-2026-27807 due to YAML files parsed with aliases enabled, enabling a billion‑laughs style DoS. The issue affects configurations uploaded prior to v2.9.4, where YAML parsing could be abused to exhaust resources. The CVSS vector ...
XML Entity Expansion (Billion Laughs)
Overview Affected versions of this package are vulnerable to XML Entity Expansion Billion Laughs when parsing of custom XML entities in DOCTYPE. An attacker can cause the application to consume excessive memory by submitting malicious SVG files containing recursive entity references. Workaround F...
XML Entity Expansion (Billion Laughs)
Overview Affected versions of this package are vulnerable to XML Entity Expansion Billion Laughs when parsing of custom XML entities in DOCTYPE. An attacker can cause the application to consume excessive memory by submitting malicious SVG files containing recursive entity references. Workaround F...
GHSA-XPQW-6GX7-V673 SVGO DoS through entity expansion in DOCTYPE (Billion Laughs)
Summary SVGO accepts XML with custom entities, without guards against entity expansion or recursion. This can result in a small XML file 811 bytes stalling the application and even crashing the Node.js process with JavaScript heap out of memory. Details The upstream XML parser sax doesn't interpr...
SVGO DoS through entity expansion in DOCTYPE (Billion Laughs)
Summary SVGO accepts XML with custom entities, without guards against entity expansion or recursion. This can result in a small XML file 811 bytes stalling the application and even crashing the Node.js process with JavaScript heap out of memory. Details The upstream XML parser sax doesn't interpr...