2 matches found
DEBIAN-CVE-2012-2921
Universal Feed Parser aka feedparser or python-feedparser before 5.1.2 allows remote attackers to cause a denial of service memory consumption via a crafted XML ENTITY declaration in a non-ASCII encoded document...
CVE-2009-2473
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue to...