6 matches found
CVE-2021-41559
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array that enables a remote attack via a crafted XML document...
CVE-2021-41559
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array that enables a remote attack via a crafted XML document...
CVE-2021-41559
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array that enables a remote attack via a crafted XML document...
CVE-2021-41559
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array that enables a remote attack via a crafted XML document...
CVE-2021-41559
CVE-2021-41559 affects Silverstripe framework 4.8.1 with a quadratic blowup in Convert::xml2array(), enabling a remote attack via a crafted XML document. Connected sources specify the affected range (4.8.1–4.10.9) and advise disabling Convert::xml2array() until a patch is available; no further ex...
CVE-2021-41559: Quadratic blowup in Convert::xml2array()
More info at https://www.silverstripe.org/download/security-releases/cve-2021-41559...